On 9/21/18 7:53 PM, Beale (US), Gareth wrote: ...
I'd consider this to be broken data. ... - you are entitled to your opinion. It is a hack, but it has worked for a long time as a workaround to deficiencies in services like NIS, and legacy Unix systems I don’t believe this is an uncommon solution, Frankly I never saw this. Personally I'd consider this to be rather uncommon. ... Your mileage may vary and it has worked fine for many years. Your systems really handled full group lookups by GID correctly? How? Ciao, Michael. Lookup by GID would likely return the most recently cached group with that GID (though that isn't the case with SSSD strangely). So a manual lookup by GID to find a user might not return the right result, but it doesn't appear to be how things work for most system utilities (groups, id etc.). I'm really looking for some assistance on this thread. I'm aware that opinions may vary, but the bottom line is that we are seeing errors and lookup failures that didn't happen before SSSD was inserted in front of LDAP. And the failures do not happen consistently. Also if having duplicate GIDs in the cache is an error, how did they get there in the first place? Clearly things are not working the way they should. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org