On Mon, 2012-05-07 at 17:11 +0200, Buchan Milne wrote:
On Monday, 7 May 2012 16:22:58 Braden McDaniel wrote:
On Mon, 2012-05-07 at 11:27 +0200, Buchan Milne wrote:
On Monday, 7 May 2012 08:04:34 Braden McDaniel wrote:
If I remove the user from the group in LDAP, that is reflected in the output of "groups". But, when I add it back, "groups" shows the (local) group associated with the old GID, not the new one.
So it's as if something on the client side has gotten the group *name* from LDAP and has locally cached an association with the old GID.
You have a local group and an LDAP group, with the same name, and different GIDs?
Not "have"; *had*. I changed the LDAP group GID to match the local grou GID. But "groups" still shows the local group associated with the old GID.
So, you no longer have local and LDAP groups with the same *name* ?
I do; but that name is not what shows up in the out put of "groups" (or "id"). There is no corresponding group name "pulse-access" in LDAP and there is no LDAP group with GID 990.
If so, there is something weird.
That is my impression.