Red Hat Enterprise Linux Server release 7.3
ipa-server-4.4.0-14.el7_3.4.x86_64
389-ds-base-1.3.5.10-15.el7_3.x86_64
sssd-1.14.0-43.el7_3.11.x86_64

I have noticed some odd behavior when I perform LDAP searches in the compat
tree for groups.  I have approximately 20 posix groups including the
default "admins" group.

The default admins group consists of the default admin user and a single
group called "unixadmins".  The unixadmins group is a posix group and has
one member called "winadmins". The winadmins group is an external group
type which contains one external group called "[email protected]".

That group on the Windows domain has 2 members:  [email protected] and
[email protected].

When I perform a search in the compat tree, I see multiple memberUID
entries which are:
admin
[email protected]
[email protected]

This is what I am looking for.

However, when I look at the compat tree entry for "unixadmins" (the posix
group used in the admins group), I don't see any memberUID entries at all.
This is the same result for all the other posix groups which have a similar
setup.

When I perform a "id [email protected]" I see that the user belongs to
the "admins", "unixadmins" and another posix group (I can also verify this
by looking at the users accounts tree).

On a hunch, I added the "admin" user to the unixadmins group and the other
posix group and now when I query the group compat tree, I see an entry
with the memberUid showing both the admin user and the Windows users (i.e.
[email protected] and [email protected]).

Is this a bug?

Rob Johnson