On Sun, Oct 23, 2011 at 11:45:14AM -0400, Gorkos, John wrote:
This fix is present in the version of SSSD currently available in
the
RHEL 6.2 Beta release, so you may wish to grab the SSSD packages from
there and give it a try
I suspected that might be the case, so I hunted around a bit and wound up
here:
http://jdennis.fedorapeople.org/ipa-devel/rhel/6/x86_64/os/
I pulled the sssd RPMs from that repo and installed them:
# rpm -q -a | grep sssd
sssd-1.5.14-0.20111021T0146z.el6.x86_64
sssd-client-1.5.14-0.20111021T0146z.el6.x86_64
Then you're using the latest of the 1.5 branch
Unfortunately, sssd provides no '--version' parameter, so I can't extract
the current installed version from the binary itself, but all of the
output I gave in my original message were generated using the 1.5.14-0
RPMs, not using the stock 1.5.1 SSSD from the RHEL6 repos.
You might be interested in
https://fedorahosted.org/sssd/ticket/833
The patch is currently on review
I am going to try building 1.5.9 from source, to see if perhaps
there was
a regression between 1.5.9 and 1.5.14 that would cause this to appear
again. Also, I'd really like to stick to the 1.5 branch unless there are
plans to backport 1.6 to RHEL5. While my management machines are all
RHEL6.x, my production machines are stuck on RHEL5.3 and also need the
nested groups.
Thanks for the tips.
John Gorkos
I think this is actually a configuration issue -- have you tried if
setting 'ldap_group_object_class = groupOfNames' helps your case? It did
the trick during my testing.