[Freeipa-users] id: cannot find name for group ID
Jatin Nansi
jnansi at redhat.com
Fri Jul 25 03:33:55 UTC 2014
What does
getent group ose-developers
getent group 889000002
on the ipa client show? the client sssd nss and domain logs will log any
relevant errors.
Jatin
On 25/07/14 13:22, Mark Heslin wrote:
> Happy Friday,
>
> I'm getting this message on login to an IPA client and not sure why:
>
> $ ssh -Y -l *ose-dev1* rhc1.interop.example.com
> ose-dev1 at rhc1.interop.example.com's password:
> Last login: Thu Jul 24 19:46:46 2014 from rhc1.interop.example.com
> Kickstarted on 2013-12-11
> *id: cannot find name for group ID 889000002* <--- ???
>
> The group and account were created about 2 months ago on an IdM (RHEL
> 7) server as follows:
>
> #*ipa group-add ose-developers --desc="OpenShift Developers"
> --gid=889000002 *
> ----------------------------
> Added group "ose-developers"
> ----------------------------
> Group name: ose-developers
> Description: OpenShift Developers
> *GID: 889000002*
>
> #*ipa user-add ose-dev1 --first="OSE" --last="Dev 1"
> --displayname="OpenShift Developer 1" --homedir="/home/ose-dev1"
> --shell="/bin/bash" **
> ****--uid=889000002 --gidnumber=889000002 --password *
> Password: *******
> Enter Password again to verify:
> ---------------------
> Added user "ose-dev1"
> ---------------------
> User login: ose-dev1
> First name: OSE
> Last name: Dev 1
> Full name: OSE Dev 1
> Display name: OpenShift Developer 1
> Initials: OD
> Home directory: /home/ose-dev1
> GECOS: OSE Dev 1
> Login shell: /bin/bash
> Kerberos principal: ose-dev1 at INTEROP.EXAMPLE.COM
> Email address: ose-dev1 at interop.example.com
> UID: 889000002
> *GID: 889000002 *
> Password: True
> Member of groups: ipausers
> Kerberos keys available: True
>
> On the IdM server, when I run 'group-show', 'group-find' I get:
>
> # ipa group-show ose-developers
> Group name:*ose-developers *
> Description: OpenShift Developers
> *GID: 889000002 *
>
> # ipa group-find ose-developers
> ---------------
> 1 group matched
> ---------------
> Group name:*ose-developers*
> Description: OpenShift Developers
> *GID: 889000002*
> ----------------------------
> Number of entries returned 1
> ----------------------------
>
> and 'user-show' returns:
>
> # ipa user-show ose-dev1
> User login: ose-dev1
> First name: OSE
> Last name: Dev 1
> Home directory: /home/ose-dev1
> Login shell: /bin/bash
> Email address: ose-dev1 at interop.example.com
> UID: 889000002
> *GID: 889000002*
> Account disabled: False
> Password: True
> Member of groups: ipausers
> Kerberos keys available: True
>
> so clearly the groups, user entries are correct in IdM. On first
> login, the homedir
> is created but the group name is not resolved:
>
> $ pwd
> /home/ose-dev1
> [ose-dev1 at xrhc1 ~]$ ls -lad .
> drwxr-xr-x. 3 ose-dev1 *889000002* 4096 Jul 24 19:51 .
> $ id
> uid=889000002(ose-dev1) *gid=889000002* groups=889000002
> context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
>
> Is there some other client side lookup issue that is causing this? Why
> doesn't *gid=889000002* map to (*ose-developers*)?
>
> Thanks!
>
> -m
>
>
> --
>
> Red Hat Reference Architectures
>
> Follow Us:https://twitter.com/RedHatRefArch
> Plus Us:https://plus.google.com/u/0/b/114152126783830728030/
> Like Us:https://www.facebook.com/rhrefarch
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140725/8b4a4240/attachment.htm>
More information about the Freeipa-users
mailing list