On Tue, Apr 10, 2018 at 01:30:44PM +0200, Sumit Bose wrote:
> On Mon, Apr 09, 2018 at 10:53:51AM -0400, Asif Iqbal wrote:
> > On Mon, Apr 2, 2018 at 12:20 PM, Asif Iqbal <vadud3(a)gmail.com> wrote:
> >
> > >
> > >
> > > On Tue, Mar 27, 2018 at 4:43 AM, Sumit Bose <sbose(a)redhat.com>
wrote:
> > >
> > >> On Fri, Mar 23, 2018 at 06:13:39PM -0400, Asif Iqbal wrote:
> > >> > On Thu, Mar 22, 2018 at 2:51 PM, Asif Iqbal
<vadud3(a)gmail.com>
wrote:
> > >> >
> > >> > > > [..stripped for brevity..]
> > >> > >>> > > > So I see 5% of current users have
mnetid with leading 0.
> > >> > >>> > > >
> > >> > >>> > > > So I never used sss_override. How do
I use sss_override
to
> > >> make
> > >> > >>> mnetid
> > >> > >>> > > > 004311
> > >> > >>> > > > to work with sss when ldap id mapping
tries to map 4311
> > >> instead?
> > >> > >>> > > >
> > >> > >>> > > > Appreciate your help!
> > >> > >>> > >
> > >> > >>> > > I haven't tested it with your setup
but
> > >> > >>> > >
> > >> > >>> > > sss_override user_add mwvande --uid
4311 --gid 4311
> > >> > >>> > > sss_override group_add mwvande --gid
4311
> > >> > >>> > >
> > >> > >>> > > should create the needed override data so
that user and
group
> > >> mwvande
> > >> > >>> > > can be looked up with the ID 4311.
> > >> > >>> > >
> > >> > >>> >
> > >> > >>> >
> > >> > >>> > So I can lookup by 4311 after this. Very nice!
> > >> > >>> >
> > >> > >>> > Do I need to restart sssd after these two
commands?
> > >> > >>>
> > >> > >>> You have to restart SSSD after adding the first
overrides to
switch
> > >> on
> > >> > >>> the override handling. If you add additional
override later
on you
> > >> do
> > >> > >>> not have to restart SSSD, but you might need to wait
until
some
> > >> cache
> > >> > >>> timeouts are passed before the overridden values are
shown.
> > >> > >>>
> > >> > >>
> > >> > >>
> > >> > >> I have a user today complained whose mnetid has leading
0s
> > >> > >>
> > >> > >> [mwvande@example:]$ ssh sgx2-brdr-01
> > >> > >>
> > >> > >> No user exists for uid 4311
> > >> > >>
> > >> > >> I already have the sss_override ran last week for 100
users
last
> > >> week and
> > >> > >> sssd was restarted.
> > >> > >>
> > >> > >>
> > >> > >>
> > >> > >>
> > >> > > I am still wondering if there is a gap in my using
sss_override
> > >> > >
> > >> > > I have ran this, example commands, for all users with
leading
0s in
> > >> mnetid
> > >> > >
> > >> > > sss_override user-add mwvande --uid 4311--gid 4311
> > >> > > sss_override group-add mwvande --gid 4311
> > >> > >
> > >> > > Then I ran the systemctl restart sssd
> > >>
> > >> As said earlier I haven't tested overrides with your type of
setup,
so
> > >> I'm not sure if they work as expected. After adding the overrides
and
> > >> restarting SSSD with debug_level=9 in the [nss] and [domain/...]
> > >> sections of sssd.conf, can you call 'sss_cache -E' and
'getent
passwd
> > >> 4311' and send me the related logs.
> > >>
> > >> bye,
> > >> Sumit
> > >>
> > >>
> > > # sss_cache -E
> > > # getent passwd 4311
> > > (no output)
> > >
> > > sssd_LDAP.log
https://gist.github.com/
7170405abc3c7b8a2fac0211f4452aab
> > >
> > > sssd_nss.log
https://gist.github.com/cd1a4a1323c94d0284d4001fe364bf
71
> > >
> > > Appreciate your help!
> > >
> > >
> > >
> > Hi Sumit et al.,
> >
> > Still like some help to resolve this.
>
> Thank you for the logs. Unfortunately I cannot see the reason in the
> logs why it does not work. I'll have to replicate your setup and try to
> reproduce the issue and will send my findings in a few days.
I was able to reproduce the issue if I use a string attribute with a
leading white-space as UID attribute. I have to think a bit about how
this can be fixed in a general way.
I am glad(?) you saw same issue. Appreciate your help!
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?