<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
If this line is in /etc/nsswitch.conf:<br>
<br>
passwd: files sss<br>
<br>
Why would the user account from IPA get used when an identical one
exists in /etc/passwd? We can tell because of some additional groups
granted when authentication comes from IPA.<br>
<br>
If I shut down sssd, then login proceeds through /etc/passwd as
expected, but as soon as I restart sssd, this behavior starts again.
It's almost as if nsswitch.conf is being ignored or read
right-to-left.<br>
<br>
Just another oddity I uncovered on one system as I was
troubleshooting a particularly long "ssh localhost" and trying to
rule things out.<br>
<br>
<br>
<div class="moz-signature">-- <br>
<div><b>Bret Wortman</b></div>
<div><img src="cid:part1.09040305.03090104@damascusgrp.com"
height="53/" width="200"><br>
</div>
<div><a href="http://damascusgrp.com/">http://damascusgrp.com/</a><br>
</div>
<div><a href="http://about.me/wortmanbret">http://about.me/wortmanbret</a><br>
<br>
</div>
</div>
</body>
</html>