I re-logged in this morning into the server and i see the following on the server Any thoughts?
Thx again. SERVER: -sh-4.1$ id uid=59401108(akhi...@corpnonprd.xxxx.com) gid=59401108( akhi...@corpnonprd.xxxx.com) groups=59401108(akhi...@corpnonprd.xxxx.com) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 CLIENT: -sh-4.1$ id uid=59401108(akhi...@corpnonprd.xxxx.com) gid=59401108( akhi...@corpnonprd.xxxx.com) groups=59401108(akhi...@corpnonprd.xxxx.com),59400512(domain adm...@corpnonprd.xxxx.com),59400513(domain us...@corpnonprd.xxxx.com ),59401123(mirra-supapp-admin-corp-...@corpnonprd.xxxx.com),162200012(mirra-supapp-admin-nix-cde) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 -sh-4.1$ CLIENT LOG: (Tue Jun 4 09:35:51 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [ipa_s2n_get_user_done] (0x0040): s2n exop request failed. (Tue Jun 4 09:35:51 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sdap_id_op_done] (0x0200): communication error on cached connection, moving to next server (Tue Jun 4 09:35:51 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,110,User lookup failed (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=akhimji] (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup failed (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): command: PAM_AUTHENTICATE (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): user: akhi...@corpnonprd.xxxx.com (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): service: sshd (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): tty: ssh (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): ruser: (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): rhost: 10.210.240.246 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok type: 1 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok size: 11 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): priv: 1 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): cli_pid: 10644 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [check_for_valid_tgt] (0x0020): krb5_cc_retrieve_cred failed. (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_resolve_server_process] (0x0200): Found address for server didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200 (Tue Jun 4 09:36:17 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [krb5_find_ccache_step] (0x0080): Saved ccache FILE:/tmp/krb5cc_59401108_opsH3I if of different type than ccache in configuration file, reusing the old ccache (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [fo_set_port_status] (0x0100): Marking port 389 of server ' didmsvrua01.nix.corpnonprd.xxxx.com' as 'working' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [set_server_common_status] (0x0100): Marking server ' didmsvrua01.nix.corpnonprd.xxxx.com' as 'working' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>) [Success] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [child_sig_handler] (0x0100): child [10648] finished successfully. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): *Request processed. Returned 3,95,User lookup failed* (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): command: PAM_ACCT_MGMT (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): user: akhi...@corpnonprd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): service: sshd (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): tty: ssh (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): ruser: (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): rhost: 10.210.240.246 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): priv: 1 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): cli_pid: 10644 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_resolve_server_process] (0x0200): Found address for server didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_resolve_server_process] (0x0200): Found address for server didmsvrua01.nix.corpnonprd.xxxx.com: [10.137.216.162] TTL 1200 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: host/ rhidmclient.nix.corpnonprd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [child_sig_handler] (0x0100): child [10649] finished successfully. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [fo_set_port_status] (0x0100): Marking port 389 of server ' didmsvrua01.nix.corpnonprd.xxxx.com' as 'working' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [set_server_common_status] (0x0100): Marking server ' didmsvrua01.nix.corpnonprd.xxxx.com' as 'working' (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [ipa_hostgroup_info_done] (0x0200): No host groups were dereferenced (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [hbac_get_category] (0x0200): Category is set to 'all'. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [hbac_get_category] (0x0200): Category is set to 'all'. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [hbac_get_category] (0x0200): Category is set to 'all'. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [ipa_hbac_evaluate_rules] (0x0080): Access granted by HBAC rule [allow_all] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>) [Success] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sss_selinux_extract_user] (0x0040): sysdb_search_user_by_name failed. (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [ipa_selinux_handler] (0x0040): Cannot create op context (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Backend returned: (3, 4, <NULL>) [Internal Error (System error)] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Sending result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler_callback] (0x0100): Sent result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [4099][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): *Request processed. Returned 3,95,User lookup failed* (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup failed (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): command: PAM_SETCRED (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): user: akhi...@corpnonprd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): service: sshd (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): tty: ssh (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): ruser: (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): rhost: 10.210.240.246 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): priv: 1 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): cli_pid: 10644 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup failed (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): command: PAM_OPEN_SESSION (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): user: akhi...@corpnonprd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): service: sshd (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): tty: ssh (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): ruser: (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): rhost: 10.210.240.246 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): priv: 1 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): cli_pid: 10644 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [4099][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup failed (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=akhimji] (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,95,User lookup failed (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): command: PAM_SETCRED (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): domain: CorpNonPrd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): user: akhi...@corpnonprd.xxxx.com (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): service: sshd (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): tty: ssh (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): ruser: (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): rhost: 10.210.240.246 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): authtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): priv: 0 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [pam_print_data] (0x0100): cli_pid: 10650 (Tue Jun 4 09:36:18 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_pam_handler] (0x0100): Sending result [0][CorpNonPrd.xxxx.com] (Tue Jun 4 09:36:23 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [be_get_account_info] (0x0100): Got request for [4098][1][idnumber=162200012] (Tue Jun 4 09:36:23 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sdap_nested_get_user_send] (0x0080):* Couldn't parse out user information based on DN (null), falling back to an LDAP lookup* (Tue Jun 4 09:36:23 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sdap_save_grpmem] (0x0040): F*ailed to save user mirra-supapp-admin-nix-cde * (Tue Jun 4 09:36:23 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [sdap_save_groups] (0x0040): *Failed to store group 0 members*. (Tue Jun 4 09:36:23 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success Aly On Tue, Jun 4, 2013 at 3:56 AM, Sumit Bose <sb...@redhat.com> wrote: > On Mon, Jun 03, 2013 at 09:22:21PM -0400, Aly Khimji wrote: > > Hey guys, > > > > Just wanted to say thank you for all your support with everything and > > answering all my questions. > > > > Just wanted to show you something, maybe you can shed some light.. > > Below is my self running the ID command on 2 different nodes (1) the IDM > > server and the other the IDM client. I get two different results of my > user > > ID, the client being correct and the server not having the correct groups > > displaying with the ID, and even having one that has been deleted. > > > > Is there someplace this information in cached? or I can set an > invalidator > > so that the information is pulled down or is forced to expire quicker so > > its checked from AD? > > > > CLIENT: > > -sh-4.1$ hostname > > rhidmclient.nix.corpnonprd.xxxx.com > > -sh-4.1$ id > > uid=59401108(akhi...@corpnonprd.xxxx.com) gid=59401108( > > akhi...@corpnonprd.xxxx.com) > > groups=59401108(akhi...@corpnonprd.xxxx.com),59400512(domain > > adm...@corpnonprd.xxxx.com), > > 59400513(domain us...@corpnonprd.xxxx.com),59401123( > > mirra-supapp-admin-corp-...@corpnonprd.xxxx.com), > > 162200012(mirra-supapp-admin-nix-cde) > > context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 > > > > > > SERVER: > > didmsvrua01.nix.corpnonprd.xxxx.com > > [root@didmsvrua01 ~]# id akhimji@corpnonprd > > uid=59401108(akhi...@corpnonprd.xxxx.com) gid=59401108( > > akhi...@corpnonprd.xxxx.com) > > groups=59401108(akhi...@corpnonprd.xxxx.com),59400513,59400513,59401113( > > s...@corpnonprd.xxxx.com) > > > > just a note this group [59401113(s...@corpnonprd.xxxx.com)] was deleted > on > > AD, and correctly doesn't show up on the client, but remains in the > server. > > Group-memberships are cached for some time by SSSD so I would guess you > see cached data on the server. But during authentication the > group-memberships of a user are updated. Can you check if > s...@corpnonprd.xxxx.com does away if you log in with akhimji@corpnonprd > on the server? > > bye, > Sumit > > > > Please let me know if you need more info (eg logs, etc..) > > > > Thx > > > > Aly > > > _______________________________________________ > > Freeipa-users mailing list > > Freeipa-users@redhat.com > > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users >
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
