On Fri, Mar 23, 2018 at 06:13:39PM -0400, Asif Iqbal wrote: > On Thu, Mar 22, 2018 at 2:51 PM, Asif Iqbal <[email protected]> wrote: > > > > [..stripped for brevity..] > >>> > > > So I see 5% of current users have mnetid with leading 0. > >>> > > > > >>> > > > So I never used sss_override. How do I use sss_override to make > >>> mnetid > >>> > > > 004311 > >>> > > > to work with sss when ldap id mapping tries to map 4311 instead? > >>> > > > > >>> > > > Appreciate your help! > >>> > > > >>> > > I haven't tested it with your setup but > >>> > > > >>> > > sss_override user_add mwvande --uid 4311 --gid 4311 > >>> > > sss_override group_add mwvande --gid 4311 > >>> > > > >>> > > should create the needed override data so that user and group mwvande > >>> > > can be looked up with the ID 4311. > >>> > > > >>> > > >>> > > >>> > So I can lookup by 4311 after this. Very nice! > >>> > > >>> > Do I need to restart sssd after these two commands? > >>> > >>> You have to restart SSSD after adding the first overrides to switch on > >>> the override handling. If you add additional override later on you do > >>> not have to restart SSSD, but you might need to wait until some cache > >>> timeouts are passed before the overridden values are shown. > >>> > >> > >> > >> I have a user today complained whose mnetid has leading 0s > >> > >> [mwvande@example:]$ ssh sgx2-brdr-01 > >> > >> No user exists for uid 4311 > >> > >> I already have the sss_override ran last week for 100 users last week and > >> sssd was restarted. > >> > >> > >> > >> > > I am still wondering if there is a gap in my using sss_override > > > > I have ran this, example commands, for all users with leading 0s in mnetid > > > > sss_override user-add mwvande --uid 4311--gid 4311 > > sss_override group-add mwvande --gid 4311 > > > > Then I ran the systemctl restart sssd
As said earlier I haven't tested overrides with your type of setup, so I'm not sure if they work as expected. After adding the overrides and restarting SSSD with debug_level=9 in the [nss] and [domain/...] sections of sssd.conf, can you call 'sss_cache -E' and 'getent passwd 4311' and send me the related logs. bye, Sumit > > > > Is there a step I am missing? > > > > I have another user having the same issue with mnetid 027505 and > username ac09446 > > As a workaround he ran `getent passwd ac09446` and `getent group ac09446` > and that fixed it > > Please advise > > > > > > > > -- > > Asif Iqbal > > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > > A: Because it messes up the order in which people normally read text. > > Q: Why is top-posting such a bad thing? > > > > > > > -- > Asif Iqbal > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
