On Fri, Jan 27, 2012 at 10:48, Stephen Gallagher <sgall...@redhat.com> wrote:
> On Fri, 2012-01-27 at 10:36 -0500, Dan Scott wrote:
>> Hi,
>> I have a Fedora 16 client running sssd-client-1.6.4-1.fc16.x86_64.
>> When I run, e.g. id djscott, I do not get the names of the groups:
>> -bash-4.2$ id djscott
>> uid=768(djscott) gid=1002(legacy-group)
>> groups=1002(legacy-group),1134,1130,1118,1103,1108,1113,789600001(ipausers),1102,1109,1129,1111
>> Is this because they have low GIDs? (These were migrated over from my
>> old FreeIPA 1 installation and I'd rather not re-number them all).
>> Can someone help me to figure out how to retrieve the group names?
>> This is working fine on the Fedora 15 clients (sssd-1.5.x).
> This looks to me like you didn't migrate all of the groups. GIF 1002 and
> 789600001 are both reporting the names correctly, so clearly the client
> is able to access the FreeIPA server and retrieve groups.

It's working fine with Fedora 15 clients, so I think that the groups
were migrated OK.

> Please try the following and report the results:
> getent group 1134
> and also
> getent group <groupname>
> where <groupname> is the name that is SUPPOSED to match GID 1134.

I've just realised that once I've manually looked up the group using
the name, the id command is 'fixed':

[root@newton ~]# getent group 1134
[root@newton ~]# getent group svn-wfdb-swig-matlab
[root@newton ~]# getent group 1134
[root@newton ~]# id djscott
uid=768(djscott) gid=1002(legacy-group)

The initial getent returned no data. But the group info seems OK once
I've done one lookup.

Maybe the sssd cache is corrupt/out-of-date? How can I refresh it?



