On Fri, Feb 24, 2017 at 9:08 AM, Dan White <[email protected]> wrote:
> On 02/24/17 08:55 -0500, Bernard Fay wrote: > >> I removed a user from an LDAP group about a week ago. Today, this user >> still shows as member of the group with the Linux command groups. Also, >> the >> group (Administrators) appears twice in the output of the command id: >> uid=10000(username) gid=10000(Administrators) >> groups=10001(users),10005(devel),10011(video),10015(ansible) >> ,10000(Administrators) >> >> The command getent though shows the proper group assignation: >> getent group | grep username | cut -d: -f1 >> users >> devel >> video >> ansible >> >> All of those groups are LDAP group. >> > > Is this from a long running shell? If so, start a new shell or > run newgrp. > > Otherwise, verify that it is not cached (such as with nscd), and trouble > shoot as an nss ldap problem. > > No, it is not from a long running shell. I logged out and logged back in since I remove this user from the group. By the way the group in question is Administrators. How can I verify it is not cached? My guess is that it is cached. I tried to use "nscd -i group" but that did not change anything.
