Red Hat Bugzilla – Bug 91768
User in multiple groups not handled correctly
Last modified: 2015-01-07 19:05:16 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021220
Description of problem:
When a user belongs to multiple groups, and ldap is used to determine user
information, only the primary group (the one in People) seems to be queried at
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Setup ldap server containing People, Group directories
2.Enter a user that belongs in multiple groups (memberUid)
2.Run authconfig and set up to get auth and user info from ldap
4.Log in as the user (via ssh, xdm, etc.)
5.Execute "id user" to see all groups the user belongs to
6.Now execute "id" alone and see only the primary group
Actual Results: When a user logs in, he is only a member of his primary group
so any other group privileges he should have are not active. Add the group
definitions into the /etc flat files and all is well. But try to query it only
from ldap and only the primary group is found.
Expected Results: When a user logs in, he should be given access to all groups
he is a member of.
Perhaps this is a configuration problem (especially if its unique only to me).
But the target host and the ldap server are 2 new RH9 loads so it seems like it
Must have been my mistake.
I am unable to replicate this now. As far as I can tell, it must have had
something to do with incorrect ACL in the ldap server, but I'm not sure.