 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
I have a SuSE 10u2 server (foo) that has been joined to our AD domain. All accounts and groups are AD-only, nothing local. I can log in to foo as AD\user and running 'id' shows user's primary AD group/gid as well as all of the other AD groups he is part of. Trying to 'newgrp' to any of the non-primary groups, however, results in a password prompt. I have /etc/ldap.conf configured such that I can successfully 'ldapsearch' against AD and /etc/nsswitch.conf contains "group: compat ldap lsass". (lsass is Likewise Open, which we used to join the system to AD. Their mailing list was not helpful.)
If I add AD\user to a local group in /etc/group I can successfully newgrp to it and back to my primary AD gid w/o a password prompt.
Any thoughts on where to look next?
Thanks,
Dan
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
