Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ad: refresh root domain when read directly #7251

Closed
wants to merge 1 commit into from
Closed

ad: refresh root domain when read directly #7251

wants to merge 1 commit into from

Conversation

sumit-bose
Copy link
Contributor

If the domain object of the forest root domain cannot be found in the
LDAP tree of the local AD domain SSSD tries to read the request data
from an LDAP server of the forest root domain directly. After reading
this data the information is stored in the cache but currently the
information about the domain store in memory is not updated with the
additional data. As a result e.g. the domain SID is missing in this data
and only becomes available after a restart where it is read from the
cache.

With this patch an unconditional refresh is triggered at the end of the
fallback code path.

Resolves: #7250

@alexey-tikhonov alexey-tikhonov mentioned this pull request Mar 21, 2024
Closed
@thalman thalman requested review from thalman and danlavu March 21, 2024 13:43
thalman
thalman approved these changes Apr 9, 2024
View reviewed changes
Copy link
Contributor

@thalman thalman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you for the patch

danlavu
danlavu approved these changes Apr 16, 2024
View reviewed changes
Copy link

@danlavu danlavu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LG2M

@alexey-tikhonov alexey-tikhonov added Ready to push Ready to push and removed Ready to push Ready to push labels Apr 22, 2024
@alexey-tikhonov
Copy link
Member

@sumit-bose, could you please rebase?

@sumit-bose
ad: refresh root domain when read directly
4c66508 
If the domain object of the forest root domain cannot be found in the
LDAP tree of the local AD domain SSSD tries to read the request data
from an LDAP server of the forest root domain directly. After reading
this data the information is stored in the cache but currently the
information about the domain store in memory is not updated with the
additional data. As a result e.g. the domain SID is missing in this data
and only becomes available after a restart where it is read from the
cache.

With this patch an unconditional refresh is triggered at the end of the
fallback code path.

Resolves: SSSD#7250
@sumit-bose sumit-bose force-pushed the missing_root_dom_sid branch from c8115e9 to 4c66508 Compare April 23, 2024 08:23
@sumit-bose
Copy link
Contributor Author

@sumit-bose, could you please rebase?

done

@alexey-tikhonov alexey-tikhonov added the Ready to push Ready to push label Apr 23, 2024
@alexey-tikhonov
Copy link
Member

Pushed PR: #7251

  • master
    • 0de6c33 - ad: refresh root domain when read directly
  • sssd-2-9
    • db27a51 - ad: refresh root domain when read directly

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danlavu danlavu danlavu approved these changes

@thalman thalman thalman approved these changes

Assignees

@thalman thalman

@danlavu danlavu

Labels
Bugzilla Pushed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SSSD is not fully registering the domains if the cache is empty
4 participants
@sumit-bose @alexey-tikhonov @thalman @danlavu