Hi,

On Fri, Sep 16, 2022 at 8:35 AM Francis Augusto Medeiros-Logeay <r_f@med-lo.eu> wrote:


On 2022-09-16 08:30, Francis Augusto Medeiros-Logeay wrote:
> Hi,
>
> I recently have been aware of the option "hybrid" for
> auto_private_groups, and it would really help us to solve a problem
> where our AD server has a gidNumber set up for users, but no primary
> group name assigned.
>
> When set to `true`, it works fine, though we don't want to set it to
> true because the uid might have been used as a gid for another user.
> Therefore hybrid is a better solution for us.
>

From the man page, the private group is generated only if the UID and GID of the user entry are identical:
----- 8< -----
hybrid
               A primary group is autogenerated for user entries whose UID and GID numbers have the same value and at the same time the GID number
               does not correspond to a real group object in LDAP. If the values are the same, but the primary GID in the user entry is also used
               by a group object, the primary GID of the user resolves to that group object.

               If the UID and GID of a user are different, then the GID must correspond to a group entry, otherwise the GID is simply not
               resolvable.

               This feature is useful for environments that wish to stop maintaining a separate group objects for the user private groups, but also
               wish to retain the existing user private groups.
----- >8 -----

Is this your case?

flo

> Can you help me to debug this? I see on the log, and get no errors. But
> when logging in, my user gets this:
>
> /usr/bin/id: cannot find name for group ID 2558757.
>
> Best,
> Francis

I am sorry, I forgot to mention that I am trying this on a RHEL 8.7.

Best,

Francis
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue