I hope someone can help. I have an odd issue I haven't seen before. I've done a lot of checking under the hood, but I'm stuck.
We have hundreds of systems using the v2.9+ of the daemon (AD and LDAP providers). We're deploying a new HPC cluster using Rocky Linux 9 containers (all other systems are RHEL 8/9) as stateless compute nodes. These nodes are ephemeral so we use the LDAP providers. The observed issue is the daemons load and run as expected. The nodes mount NFS file systems but do not resolve file and directory ownerships for LDAP users until I manually run a "getent" or "id" on any user or group. It doesn't even have to be a user or group that owns files. So any type of NSS lookup seems to kick start the process. From there the node is fine. libnfs, libnss, sssd-nfs-idmap, libsss_nss_idmap, etc are all the same on nodes that don't do this. DNS works, there's no difference in daemon configurations from working ones. systemd unit files are identical, etc. I cannot figure out why these nodes need to be poked by NSS to start using NSS. Very peculiar. Any insight would be appreciated, -- lawrence
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
