On Mon, 2012-05-07 at 17:11 +0200, Buchan Milne wrote: > On Monday, 7 May 2012 16:22:58 Braden McDaniel wrote: > > On Mon, 2012-05-07 at 11:27 +0200, Buchan Milne wrote: > > > On Monday, 7 May 2012 08:04:34 Braden McDaniel wrote: > > > > > If I remove the user from the group in LDAP, that is reflected in the > > > > output of "groups". But, when I add it back, "groups" shows the > > > > (local) group associated with the old GID, not the new one. > > > > > > > > So it's as if something on the client side has gotten the group *name* > > > > from LDAP and has locally cached an association with the old GID. > > > > > > You have a local group and an LDAP group, with the same name, and > > > different GIDs? > > > > Not "have"; *had*. I changed the LDAP group GID to match the local grou > > GID. But "groups" still shows the local group associated with the old > > GID. > > So, you no longer have local and LDAP groups with the same *name* ?
I do; but that name is not what shows up in the out put of "groups" (or "id"). There is no corresponding group name "pulse-access" in LDAP and there is no LDAP group with GID 990. > If so, there is something weird. That is my impression. -- Braden McDaniel <[email protected]>
