Red Hat Enterprise Linux Server release 7.3

I have noticed some odd behavior when I perform ldap searches in the compat
tree for groups.  I have approximately 20 posix groups including the
default "admins" group.

The default admins group comprises of the default admin user and a single
group called "unixadmins".  The unixadmins group is a posix group and has
one member called "winadmins". The winadmins group is an external group
type which contains one external group called "".

That group on the windows domain has 2 members: and

When i perform a search in the compat tree, I see multiple memberUID
entries which are:

This is what I am looking for.

However, when I look at the compat tree entry for "unixadmins" (the posix
group used in the admins group), I don't see any memberUID entries at all.
This is the same result for all the other posix groups which have a similar

When I perform a "id" I see that the user belongs to
the "admins", "unixadmins" and another posix group (I can also verify this
by looking at the users accounts tree).

On a hunch, I added the "admin" user to the unixadmins group and the other
posix group and now when I query the group compat tree then i see an entry
with the memberUid showing both the admin user and the windows users (ie and

Is this a bug ?

Rob Johnson
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to