I cannot create a user

v7
activedirectory

(Giacomo Sanchietti) #21

I had no luck on reproducing the issue, even using the same names


(Markus Neuberger) #22

Using this name as the new users Full name (given name) leads to the error.

grafik

After that error you have to reboot to be able to create new users.


(Giacomo Sanchietti) #23

Nothing :frowning:

I hope @davidep will be able to reproduce it.

This is my log:

Jan 10 11:21:30 test esmith::event[23901]: Event: user-create t5 Сидоровсидоров СидоровСидоров Сидоров /bin/bash
Jan 10 11:21:30 test esmith::event[23901]: User 't5' created successfully
Jan 10 11:21:30 test esmith::event[23901]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.331081]
Jan 10 11:21:30 test esmith::event[23901]: Action: /etc/e-smith/events/user-create/S50nethserver-dc-sync-upn SUCCESS [0.243441]
Jan 10 11:21:30 test esmith::event[23901]: [NOTICE] clearing sssd cache for user t5@local.neth.eu
Jan 10 11:21:30 test esmith::event[23901]: No cache object matched the specified search
Jan 10 11:21:30 test esmith::event[23901]: No cache object matched the specified search
Jan 10 11:21:30 test esmith::event[23901]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.016303]
Jan 10 11:21:30 test esmith::event[23901]: Event: user-create SUCCESS
Jan 10 11:21:31 test esmith::event[23926]: Event: password-policy-update t5 yes
Jan 10 11:21:31 test esmith::event[23926]: [NOTICE] clearing sssd cache for user t5@local.neth.eu
Jan 10 11:21:31 test esmith::event[23926]: No cache object matched the specified search
Jan 10 11:21:31 test esmith::event[23926]: No cache object matched the specified search
Jan 10 11:21:31 test esmith::event[23926]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.016779]
Jan 10 11:21:31 test esmith::event[23926]: Expiry for user 't5' set to 180 days.
Jan 10 11:21:31 test esmith::event[23926]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.386884]
Jan 10 11:21:31 test esmith::event[23926]: Event: password-policy-update SUCCESS
Jan 10 11:21:31 test esmith::event[23946]: Event: password-modify t5@local.neth.eu /tmp/ng-ppyFjT
Jan 10 11:21:31 test esmith::event[23946]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.003023]
Jan 10 11:21:31 test esmith::event[23946]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword t5
Jan 10 11:21:31 test esmith::event[23946]: New Password:
Jan 10 11:21:31 test esmith::event[23946]: Retype Password:
Jan 10 11:21:31 test esmith::event[23946]: Changed password OK
Jan 10 11:21:31 test esmith::event[23946]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [0.303579]
Jan 10 11:21:32 test esmith::event[23946]: Enabled user 't5'
Jan 10 11:21:32 test esmith::event[23946]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [0.261231]
Jan 10 11:21:32 test esmith::event[23946]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.028735]
Jan 10 11:21:32 test esmith::event[23946]: Event: password-modify SUCCESS

(Markus Neuberger) #24

I tried it again and it’s totally weird, you need a username with at least 6 chars to throw the error:

Username: tuser1
Name: Сидоровсидоров СидоровСидоров Сидоров

Log
Jan 11 01:47:10 testvm2 esmith::event[1446]: Event: user-create tuser1 Сидоровсидоров СидоровСидоров Сидоров /usr/libexec/openssh/sftp-server
Jan 11 01:47:10 testvm2 esmith::event[1446]: Failed to start transient service unit: Message did not receive a reply (timeout by message bus)
Jan 11 01:47:10 testvm2 esmith::event[1446]: [ERROR] User tuser1 creation failed
Jan 11 01:47:10 testvm2 esmith::event[1446]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create FAILED: 3 [0.251683]
Jan 11 01:47:11 testvm2 esmith::event[1446]: Action: /etc/e-smith/events/user-create/S50nethserver-dc-sync-upn SUCCESS [0.257654]
Jan 11 01:47:11 testvm2 esmith::event[1446]: [NOTICE] clearing sssd cache for user tuser1@domain.local
Jan 11 01:47:11 testvm2 esmith::event[1446]: No cache object matched the specified search
Jan 11 01:47:11 testvm2 esmith::event[1446]: No cache object matched the specified search
Jan 11 01:47:11 testvm2 esmith::event[1446]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.042427]
Jan 11 01:47:11 testvm2 esmith::event[1446]: Event: user-create FAILED
Jan 11 01:47:11 testvm2 esmith::event[1469]: Event: password-policy-update tuser1 no
Jan 11 01:47:11 testvm2 esmith::event[1469]: [NOTICE] clearing sssd cache for user tuser1@domain.local
Jan 11 01:47:11 testvm2 esmith::event[1469]: No cache object matched the specified search
Jan 11 01:47:11 testvm2 esmith::event[1469]: No cache object matched the specified search
Jan 11 01:47:11 testvm2 esmith::event[1469]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.018701]
Jan 11 01:47:21 testvm2 esmith::event[1469]: [ERROR] Faild to set expiry on user tuser1
Jan 11 01:47:21 testvm2 esmith::event[1469]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy FAILED: 3 [10.150894]
Jan 11 01:47:21 testvm2 esmith::event[1469]: Event: password-policy-update FAILED
Jan 11 01:47:21 testvm2 esmith::event[1487]: Event: password-modify tuser1@domain.local /tmp/ng-L7NXJj
Jan 11 01:47:21 testvm2 esmith::event[1487]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.018138]
Jan 11 01:47:21 testvm2 esmith::event[1487]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword tuser1
Jan 11 01:47:31 testvm2 esmith::event[1487]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [10.031177]
Jan 11 01:47:36 testvm2 esmith::event[1487]: Failed to start transient service unit: Activation of org.freedesktop.systemd1 timed out
Jan 11 01:47:36 testvm2 esmith::event[1487]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock FAILED: 2 [4.750845]
Jan 11 01:47:36 testvm2 esmith::event[1487]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.049296]
Jan 11 01:47:36 testvm2 esmith::event[1487]: Event: password-modify FAILED

(Giacomo Sanchietti) #25

Thank you, reproduced!

This the real error:

Jan 11 16:19:00 test esmith::event[20151]: Failed to start transient service unit: Message did not receive a reply (timeout by message bus)

Extracted from (I hacked the action to actually see the executed command):

Jan 11 16:19:00 test esmith::event[20151]: Event: user-create testuser1 Сидоровсидоров СидоровСидоров Сидоров /usr/libexec/openssh/sftp-server
Jan 11 16:19:00 test esmith::event[20151]: /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user create "testuser1" --random-password --must-change-at-next-login "--login-shell=/usr/libexec/openssh/sftp-server" "--unix-home=/var/lib/nethserver/home/testuser1" "--given-name=Сидоровсидоров СидоровСидоров Сидоров" --use-username-as-cn
Jan 11 16:19:00 test esmith::event[20151]: Failed to start transient service unit: Message did not receive a reply (timeout by message bus)
Jan 11 16:19:00 test esmith::event[20151]: [ERROR] User testuser1 creation failed

It seems the problem is in systemd-run itself.

We should probably raise an upstream bug, but before doing it we need to reproduce the issue on a simpler environment, like a systemd-nspawn container with only an ssh server.

I will report the same on our issue. Do you think we can close it as “CANTFIX”?


(Davide Principi) #26

Yes, after reporting it upstream: we’ll fix it when a solution is available

Edit
Reported and closed

https://bugzilla.redhat.com/show_bug.cgi?id=1533595


(Davide Principi) #27

I’m working on the fix for https://github.com/NethServer/dev/issues/5544

This issue could be solved too by applying the proposed solution that bypasses systemd-run completely. Who wants to test it? /cc @quality_team

In a system with local AD accounts provider install the patched RPM:

yum localinstall http://packages.nethserver.org/nethserver/7.5.1804/autobuild/x86_64/Packages/nethserver-dc-1.5.3-1.6.pr85.gade80e8.ns7.x86_64.rpm