On Mon, May 15, 2017 at 01:15:33PM +0200, Sébastien QUESSON wrote: > Hi, on sssd 1.13.4-1ubuntu1.5: > looking at sssd_domain.tls.log with debug level 9, I can see many wrong group > requests. > > After flushing ssd cache and restarting: > [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with > [(&(gidNumber=10117)(objectClass=group)(sAMAccountName=*)(&(gidNumber=*)(!(gidNumber=0))))][DC=domain,DC=tld]. > => it is valid, but few milliseconds later:
This looks like the back end reacted to a getgrgid(10117) call > [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with > [(&(sAMAccountName=10107)(objectClass=group)(sAMAccountName=*)(&(gidNumber=*)(!(gidNumber=0))))][DC=domain,DC=tld] > returns nothing, because sAMAccountName=10107 does not exists This looks like the back end reacted to a getgrnam(10117) call > > in sssd_nss.log, it generates many errors such > [sssd[nss]] [nss_cmd_getpwnam_search] (0x0040): No results for getpwnam call > [nss_cmd_getgrnam_search] (0x0040): No results for getgrnam call And this confirms it. > > is it expected or a misconfiguration on my test environment? > attached : sssd.conf I think it's expected, it just looks like some application (you can see its details referred to in the nss logs as 'client') is calling both getgrgid and getpwnam. _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
