It seems fixed since.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/771698
Title:
/usr/bin/id does not show ldap groups
To manage notifications about this bug go to:
https://b
Bugreport can be closed.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/771698
Title:
/usr/bin/id does not show ldap groups
To manage notifications about this bug go to:
https:
[Expired for libnss-ldap (Ubuntu) because there has been no activity for
60 days.]
** Changed in: libnss-ldap (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://
If I search ldap using "ldapsearch" I do get all defined groups and users.
Accessing ldap via "getent (passwd|group)" I do again get all groups or users.
using "id" does not give back all groups a user belongs to. The system behaves,
as if there are only local groups available.
--
You received
> The fact that id shows fewer groups is not a security issue
> -- the user should have fewer privileges than with the
> intended ldap groups.
This is only correct as long as belonging to a group grants additional
rights. It is not correct any more if belonging to a group revoked
rights. The user
** Attachment added: "various configuration files used by pam and ldap"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/771698/+attachment/2092558/+files/config.tgz
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-l
I am unmarking this as a security issue. If a user is a part of a group
that is listed in getent, the user is supposed to be in that group and
any DAC checks should be checking for that. The fact that id shows fewer
groups is not a security issue-- the user should have fewer privileges
than with th