On Thu, Jul 05, 2018 at 07:36:19PM +0000, Ratliff, John wrote:
I'm using SSSD and realmd to join a machine to active directory.
When I run id on my user, I only get the primary group. If I run getent
group "groupname", it works...sometimes. Other times, it returns blank.
This is on a CentOS 7 machine (sssd 1.16.0)
$ id jdratlif
uid=752603752(jdratlif) gid=1572000513(domain users)
groups=1572000513(domain users)
$ getent group ssh-test-users2
ssh-test-users2:*:752629809:
What is the scope is the group ('domain local', 'global' or
'universal')?
Did you log in as jdratlif before running those commands?
$ sss_cache -E
$ getent group ssh-test-users2
ssh-test-users2:*:752629809:jdratlif
$ id jdratlif
uid=752603752(jdratlif) gid=1572000513(domain users)
groups=1572000513(domain users)
$ getent group ssh-test-users2
ssh-test-users2:*:752629809:
$ id jdratlif
uid=752603752(jdratlif) gid=1572000513(domain users)
groups=1572000513(domain users)
This was all in the span of 2 minutes.
Let me know what other information would be helpful.
Debug logs with debug_level=9 would be helpful, especially the domain
logs and the sssd_nss.log. Please see
https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html for
details.
bye,
Sumit
Thanks.
--
John Ratliff
Research Storage / UITS / Pervasive Technology Institute
Indiana University |
https://pti.iu.edu
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahost...