Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: rhel-10.3
Affects Version/s: rhel-9.1.0
Component/s: sssd
Labels:
- MigratedToJIRA
- upstream-in-progress

Regression:
None
Severity:
Low
Epic Link:
RHEL-114223
sprint_count:
1

AssignedTeam:
rhel-idm-sssd
Sub-System Group:

ssg_idm

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
RHELs: 10.2, 9.8

Git Pull Request:
https://github.com/SSSD/sssd/pull/7763
Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
If docs needed, set a value

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2165670

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None
Internal Target Milestone numeric:
57,005

Description of problem:

The newly introduced option "ldap_ignore_unreadable_references" defaults to false which makes SSSD not backward compatible (with say RHEL-8).

If, for example, AD group contains a foreign security principals which belongs to one-way trusted domain, then on RH-9 group enumeration might fail, but on RH-8 it works (these security principals are ignored).

Hence I suggest we make this option to default to True so that the same configuration works the same way on RHEL-9 as with RHEL-8

external trackers

Red Hat Issue Tracker RHELPLAN-146918

Red Hat Issue Tracker SSSD-5639

links to

Pull request implementing the requested functionality

Assignee:: Sumit Bose

Reporter:: Ondrej Valousek (Inactive)

Developer:: Sumit Bose

QA Contact:: Shridhar Gadekar

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Created:: 2023/09/19 9:50 AM

Updated:: 2025/12/01 11:43 AM

Stale Date:: 2026/03/06

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates