On Wed, Apr 18, 2018 at 10:49 AM, Sumit Bose <[email protected]> wrote:
> On Tue, Apr 10, 2018 at 01:30:44PM +0200, Sumit Bose wrote: > > On Mon, Apr 09, 2018 at 10:53:51AM -0400, Asif Iqbal wrote: > > > On Mon, Apr 2, 2018 at 12:20 PM, Asif Iqbal <[email protected]> wrote: > > > > > > > > > > > > > > > On Tue, Mar 27, 2018 at 4:43 AM, Sumit Bose <[email protected]> > wrote: > > > > > > > >> On Fri, Mar 23, 2018 at 06:13:39PM -0400, Asif Iqbal wrote: > > > >> > On Thu, Mar 22, 2018 at 2:51 PM, Asif Iqbal <[email protected]> > wrote: > > > >> > > > > >> > > > [..stripped for brevity..] > > > >> > >>> > > > So I see 5% of current users have mnetid with leading 0. > > > >> > >>> > > > > > > >> > >>> > > > So I never used sss_override. How do I use sss_override > to > > > >> make > > > >> > >>> mnetid > > > >> > >>> > > > 004311 > > > >> > >>> > > > to work with sss when ldap id mapping tries to map 4311 > > > >> instead? > > > >> > >>> > > > > > > >> > >>> > > > Appreciate your help! > > > >> > >>> > > > > > >> > >>> > > I haven't tested it with your setup but > > > >> > >>> > > > > > >> > >>> > > sss_override user_add mwvande --uid 4311 --gid 4311 > > > >> > >>> > > sss_override group_add mwvande --gid 4311 > > > >> > >>> > > > > > >> > >>> > > should create the needed override data so that user and > group > > > >> mwvande > > > >> > >>> > > can be looked up with the ID 4311. > > > >> > >>> > > > > > >> > >>> > > > > >> > >>> > > > > >> > >>> > So I can lookup by 4311 after this. Very nice! > > > >> > >>> > > > > >> > >>> > Do I need to restart sssd after these two commands? > > > >> > >>> > > > >> > >>> You have to restart SSSD after adding the first overrides to > switch > > > >> on > > > >> > >>> the override handling. If you add additional override later > on you > > > >> do > > > >> > >>> not have to restart SSSD, but you might need to wait until > some > > > >> cache > > > >> > >>> timeouts are passed before the overridden values are shown. > > > >> > >>> > > > >> > >> > > > >> > >> > > > >> > >> I have a user today complained whose mnetid has leading 0s > > > >> > >> > > > >> > >> [mwvande@example:]$ ssh sgx2-brdr-01 > > > >> > >> > > > >> > >> No user exists for uid 4311 > > > >> > >> > > > >> > >> I already have the sss_override ran last week for 100 users > last > > > >> week and > > > >> > >> sssd was restarted. > > > >> > >> > > > >> > >> > > > >> > >> > > > >> > >> > > > >> > > I am still wondering if there is a gap in my using sss_override > > > >> > > > > > >> > > I have ran this, example commands, for all users with leading > 0s in > > > >> mnetid > > > >> > > > > > >> > > sss_override user-add mwvande --uid 4311--gid 4311 > > > >> > > sss_override group-add mwvande --gid 4311 > > > >> > > > > > >> > > Then I ran the systemctl restart sssd > > > >> > > > >> As said earlier I haven't tested overrides with your type of setup, > so > > > >> I'm not sure if they work as expected. After adding the overrides > and > > > >> restarting SSSD with debug_level=9 in the [nss] and [domain/...] > > > >> sections of sssd.conf, can you call 'sss_cache -E' and 'getent > passwd > > > >> 4311' and send me the related logs. > > > >> > > > >> bye, > > > >> Sumit > > > >> > > > >> > > > > # sss_cache -E > > > > # getent passwd 4311 > > > > (no output) > > > > > > > > sssd_LDAP.log https://gist.github.com/ > 7170405abc3c7b8a2fac0211f4452aab > > > > > > > > sssd_nss.log https://gist.github.com/cd1a4a1323c94d0284d4001fe364bf > 71 > > > > > > > > Appreciate your help! > > > > > > > > > > > > > > > Hi Sumit et al., > > > > > > Still like some help to resolve this. > > > > Thank you for the logs. Unfortunately I cannot see the reason in the > > logs why it does not work. I'll have to replicate your setup and try to > > reproduce the issue and will send my findings in a few days. > > I was able to reproduce the issue if I use a string attribute with a > leading white-space as UID attribute. I have to think a bit about how > this can be fixed in a general way. > I am glad(?) you saw same issue. Appreciate your help! > > bye, > Sumit > > -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
