[Freeipa-users] Groups
Rob Crittenden
rcritten at redhat.com
Tue Jul 28 20:37:46 UTC 2009
David Christensen wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> When I add a user to additional groups beyond ipausers; groups that were
> manually added, why is the ipa UI showing users belonging to the group,
> but not showing them belonging to the group when I run `getent group
> "groupname"`? If I just run `getent group` I see all the groups in ipa
> as well as any users that are assigned to them, which shows the users of
> the group that was empty when I ran getent group "groupname".
>
> Any reason why this is occuring?
>
Is nscd running? It may have cached the group. You can try restarting
nscd or invalidating the group cache with: nscd -i group.
nscd is a mixed blessing. It saves a lot of work for the LDAP server but
can cause lots of grief like this. Fortunately it has a *ton* of knobs
to turn, see nscd.conf for details on tuning your caches (positive and
negative).
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20090728/e6e2335c/attachment.bin>
More information about the Freeipa-users
mailing list