I was wondering - I have searched around and seen a few questions and
solutions, but nothing I try is fixing my environment.
Things have been working quite well with IPA 4.0.5, simple things with
auth and logins - some with full ipa-client-install configured, others
just using LDAP and that is where the strangeness comes from.
with full IPA client integration, secondary groups work just find, as do
base commands like "id" and "getent". However, the "ldap" users, never
show the secondary group for their uid?
Any pointers you might suggest? I have tried the sssd.conf of
"ldap_group_member = uniqeMember" - no change.
a simple secondary group is defined:
and yet with debug_level = 7 -- sssd still says:
[sdap_process_ghost_members] (0x0400): Group has 0 members
and "id" or "getent" of any of user1..5 just returns the primary GID.
Any ideas? Tips? What else might you want to see?
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project