Details
-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-8.8.0, rhel-9.2.0
-
sssd-2.9.3-1.el9
-
Normal
-
sst_idm_sssd
-
ssg_idm
-
11
-
12
-
Dev ack
-
False
-
Description
What were you trying to do that didn't work?
Huge number of `Expected cn in RDN, got uid` appear like
(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x1000): [RID#16] Parsing uid=exampleuser,cn=users,cn=accounts,dc=example,dc=com (2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x0020): [RID#16] Expected cn in RDN, got uid
Please provide the package NVR for which bug is seen:
sssd-2.8.2-3.el9_2.x86_64
sssd-2.8.2-2.el8.x86_64
How reproducible:
Always
Steps to reproduce
- Assume the IdM have 2 users, alice and bob
- Add the rule for bob
ipa hbacrule-add --hostcat=all bob-allow ipa hbacrule-add-user --users bob bob-allow
- Restart sssd with cache remove and ensure both alice and bob are not in SSSD cache
systemctl stop sssd; rm -fr /var/lib/sss/{db,mc}/*; systemctl start sssd
- Now ssh as alice, then quit
ssh alice@localhost exit
- grep the sssd log
grep "Expected cn in RDN" /var/log/sssd/*
Expected results
The error should not appear in debug_level 1 (or 0x0020)
Actual results
The error appear in debug_level 1
(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x1000): [RID#16] Parsing uid=bob,cn=users,cn=accounts,dc=example,dc=com (2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x0020): [RID#16] Expected cn in RDN, got uid
Attachments
Issue Links
- links to
-
RHBA-2023:121961
sssd bug fix and enhancement update
- mentioned on
