SSSD and LDAP: no uid provided for user


I have been trying to integrate sssd with LDAP. We use OUD in our environment.

A user with 12 characters in its uid cannot connect to the server, resulting in an error in the log: no uid provided ...

(Thu May 18 10:47:23 2017) [sssd[be[LDAP]]] [sdap_get_primary_name] 
(0x0400): Processing object 820115302022
(Thu May 18 10:47:23 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0400): 
Processing user 820115302022@ldap
(Thu May 18 10:47:23 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): no 
uid provided for [820115302022@ldap] in domain [LDAP].
(Thu May 18 10:47:23 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): 
Failed to save user [820115302022@ldap]
(Thu May 18 10:47:23 2017) [sssd[be[LDAP]]] [sdap_save_users] (0x0040): 
Failed to store user 0. Ignoring.

So I created a new user with fewer characters in its uid, e.g. 5, that is uid=32001. This user connects successfully.

I was looking to see whether there are some constraints on the uid length that users can have while using sssd, but I still haven't found an answer. Does anybody know what the reason for this error is and how I can solve it?

There are 1 answers

Tina On

The directory server that we use is OUD (Oracle Unified Directory), and the uid and gid used are attributes in the posixAccount and posixGroup object classes. We tested other users too, and the problem appears when a user has 11 or more characters in its uid. Here is the log for the user that has 11 characters and cannot log in.

(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_get_account_info_handler] 
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): DP 
Request [Account #82]: New request. Flags [0x0001].
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_attach_req] (0x0400): Number 
of active DP request: 1
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_search_user_next_base] 
(0x0400): Searching for users with base [cn=users,dc=mzsr,dc=kz]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x0400): calling ldap_search_ext with [(&(uid=32000000001)
(objectclass=posixAccount)(uid=*)(&(uidNumber=*)(!(uidNumber=0))))]
[cn=users,dc=mzsr,dc=kz].
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [objectClass]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [uid]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [userPassword]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [uidNumber]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [gidNumber]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [gecos]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [homeDirectory]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [loginShell]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [krbPrincipalName]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [cn]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [modifyTimestamp]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [modifyTimestamp]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowLastChange]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowMin]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowMax]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowWarning]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowInactive]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowExpire]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [shadowFlag]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [krbLastPwdChange]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [krbPasswordExpiration]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [pwdAttribute]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [authorizedService]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [accountExpires]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [userAccountControl]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [nsAccountLock]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [host]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]  
(0x1000): Requesting attrs: [loginDisabled]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [loginExpirationTime]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [loginAllowedTimeMap]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [sshPublicKey]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_ext_step] 
(0x1000): Requesting attrs: [mail]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_parse_entry] (0x1000): 
OriginalDN: [uid=32000000001,cn=users,dc=mzsr,dc=kz].
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_generic_op_finished] 
(0x0400): Search result: Success(0), no errmsg set
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_search_user_process] 
(0x0400): Search for users, returned 1 results.
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0400): Save 
user
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_attrs_get_sid_str] 
(0x1000): No [objectSID] attribute. [0][Success]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_get_primary_name] 
(0x0400): Processing object 32000000001
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0400): 
Processing user 32000000001@ldap
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): no 
uid provided for [32000000001@ldap] in domain [LDAP].
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): 
Failed to save user [32000000001@ldap]
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_users] (0x0040): 
Failed to store user 0. Ignoring.
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_req_done] (0x0400): DP 
Request [Account #82]: Request handler finished [0]: Success
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [_dp_req_recv] (0x0400): DP 
Request [Account #82]: Receiving request data.
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_req_reply_list_success] 
(0x0400): DP Request [Account #82]: Finished. Success.
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_req_reply_std] (0x1000): DP 
Request [Account #82]: Returning [Success]: 0,0,Success
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_table_value_destructor] 
(0x0400): Removing [0:1:0x0001:1:1::LDAP:name=32000000001@ldap] from reply 
table
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): DP 
Request [Account #82]: Request removed.
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [dp_req_destructor] (0x0400): 
Number of active DP request: 0
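
A triage helper for the log format shown in the question and answer, as an added example that is not part of the original posts: it rejoins the wrapped SSSD debug lines and lists every account that sdap_save_user dropped with "no uid provided", together with the length of the login name. The function names `reassemble` and `unsaved_users` are hypothetical; the sample lines are copied from the log above.

```python
import re

# Header of an SSSD backend debug record: "(timestamp) [sssd[be[DOMAIN]]] [function]"
HEADER = re.compile(
    r"^\((?P<time>[^)]+)\) \[sssd\[be\[(?P<backend>[^\]]+)\]\]\] \[(?P<func>\w+)\]")
# Debug level and message that follow the header: "(0x0020): message"
BODY = re.compile(r"\((?P<level>0x[0-9a-fA-F]{4})\):\s*(?P<msg>.*)$")
NO_UID = re.compile(
    r"no uid provided for \[(?P<user>[^\]]+)\] in domain \[(?P<domain>[^\]]+)\]")

def reassemble(text):
    """Join wrapped continuation lines so each list item is one log record."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if HEADER.match(line) or not records:
            records.append(line)          # a new record starts with a timestamp
        else:
            records[-1] += " " + line     # wrapped tail of the previous record
    return records

def unsaved_users(text):
    """Return one dict per user that sdap_save_user rejected with 'no uid provided'."""
    hits = []
    for record in reassemble(text):
        head = HEADER.match(record)
        if not head or head["func"] != "sdap_save_user":
            continue
        body = BODY.search(record, head.end())
        found = NO_UID.search(body["msg"]) if body else None
        if found:
            name = found["user"].rsplit("@", 1)[0]   # strip the "@domain" suffix
            hits.append({"time": head["time"], "domain": found["domain"],
                         "user": found["user"], "name_length": len(name),
                         "level": body["level"]})
    return hits

# Sample input: lines copied from the log on this page, still in wrapped form.
SAMPLE = """\
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0400):
Processing user 32000000001@ldap
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): no
uid provided for [32000000001@ldap] in domain [LDAP].
(Wed May 31 09:00:08 2017) [sssd[be[LDAP]]] [sdap_save_users] (0x0040):
Failed to store user 0. Ignoring.
"""

if __name__ == "__main__":
    for hit in unsaved_users(SAMPLE):
        print(hit)
```

Run over a full backend log, the result gives the set of accounts the backend skipped, which can then be compared against the directory entries for those users.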