[Freeipa-users] IPA different ID results on different nodes

[Aly Khimji]

Hey guys,

Just wanted to say thank you for all your support with everything and
answering all my questions.

Just wanted to show you something, maybe you can shed some light..
Below is my self running the ID command on 2 different nodes (1) the IDM
server and the other the IDM client. I get two different results of my user
ID, the client being correct and the server not having the correct groups
displaying with the ID, and even having one that has been deleted.

Is there someplace this information in cached? or I can set an invalidator
so that the information is pulled down or is forced to expire quicker so
its checked from AD?

CLIENT:
-sh-4.1$ hostname
rhidmclient.nix.corpnonprd.xxxx.com
-sh-4.1$ id
uid=59401108(akhimji at corpnonprd.xxxx.com) gid=59401108(
akhimji at corpnonprd.xxxx.com)
groups=59401108(akhimji at corpnonprd.xxxx.com),59400512(domain
admins at corpnonprd.xxxx.com),
59400513(domain users at corpnonprd.xxxx.com),59401123(
mirra-supapp-admin-corp-uat at corpnonprd.xxxx.com),
162200012(mirra-supapp-admin-nix-cde)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023


SERVER:
didmsvrua01.nix.corpnonprd.xxxx.com
[root at didmsvrua01 ~]# id akhimji at corpnonprd
uid=59401108(akhimji at corpnonprd.xxxx.com) gid=59401108(
akhimji at corpnonprd.xxxx.com)
groups=59401108(akhimji at corpnonprd.xxxx.com),59400513,59400513,59401113(
seca at corpnonprd.xxxx.com)

just a note this group [59401113(seca at corpnonprd.xxxx.com)] was deleted on
AD, and correctly doesn't show up on the client, but remains in the server.

Please let me know if you need more info (eg logs, etc..)

Thx

Aly
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130603/d5d99bc0/attachment.htm>