Hello,
two groups with identical cn, but residing in different OUs on the
same level, containing the same user accounts. The first has got RID
307742 and gidNumber 10307742. The other has got RID 307744 and
gidNumber 10307744.
Running "id useraccount" returns the group with the lower gidNumber.
After renaming the second group (adding the number 2), both groups
are resolved.
Moving first group (RID 307742/gidNumber 20307742) away from search
base and create a third group with the same name. This group gets
RID 307358 and gidNumber 10307358 returns this newly created group
when running "id useraccount".
Level 9 log shows this difference:
[sssd[be[ad.example.org]]]
[sysdb_search_users] (0x2000): Search users with filter:
(&(objectclass=user)(gidNumber=10307742))
[sssd[be[ad.example.org]]]
[sysdb_search_users] (0x2000): Search users with filter:
(&(objectclass=user)(gidNumber=10307358))
It is always the group with the lower gidNumber that's beeing
checked.
Is SSSD using some name based filter? Or what filter is being
used?
Regards
Davor Vusir