FreeIPA 4.0.3 server with SSSD 1.9.2 on CentOS6 Seems that group membership is completely inconsistent
Running "id" in shell as my user on: * ipa server - I am a member of 2 groups * Server that just came up and joined - 1 group * Server that has been up for some time - 5 groups Via UI: Member of 7 groups directly and 1 indirect Gets weirder - I added a line to sudoers file (not ipa sudo support, can't get that to work) allowing certain group I am a member of. If I run sudo as the user - i get rejected as not being in sudoers, however if I run check as root: sudo -l -U username I see that I should be allowed. More wierdness, If I do "getent group <groupname>" - it shows me as a member - but I do not recall having this much trouble with same sssd and 3.0 server :-( Any thoughts? -M
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project