[Freeipa-users] id: cannot find name for group ID
Mark Heslin
mheslin at redhat.com
Fri Jul 25 14:54:20 UTC 2014
On 07/24/2014 11:33 PM, Jatin Nansi wrote:
> What does
>
> getent group ose-developers
> getent group 889000002
>
> on the ipa client show? the client sssd nss and domain logs will log
> any relevant errors.
>
> Jatin
Hi Jatin,
Beats me but - apparently it's working fine now:
$ ssh -Y -l ose-dev1 rhc1.interop.example.com
Last login: Thu Jul 24 19:51:19 2014 from xrhc1.interop.example.com
Kickstarted on 2013-12-11
[ose-dev1 at rhc1 ~]$ getent group ose-developers
ose-developers:*:889000002:
[ose-dev1 at rhc1 ~]$ getent group 889000002
ose-developers:*:889000002:
[ose-dev1 at rhc1 ~]$ id
uid=889000002(ose-dev1) gid=889000002*(ose-developers)*
groups=889000002(ose-developers)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
I rebooted both IdM servers, client about an hour before - maybe the
client had old cache entries?
Thanks and sorry for the false alarm.
-m
>
> On 25/07/14 13:22, Mark Heslin wrote:
>> Happy Friday,
>>
>> I'm getting this message on login to an IPA client and not sure why:
>>
>> $ ssh -Y -l *ose-dev1* rhc1.interop.example.com
>> ose-dev1 at rhc1.interop.example.com's password:
>> Last login: Thu Jul 24 19:46:46 2014 from rhc1.interop.example.com
>> Kickstarted on 2013-12-11
>> *id: cannot find name for group ID 889000002* <--- ???
>>
>> The group and account were created about 2 months ago on an IdM (RHEL
>> 7) server as follows:
>>
>> #*ipa group-add ose-developers --desc="OpenShift Developers"
>> --gid=889000002 *
>> ----------------------------
>> Added group "ose-developers"
>> ----------------------------
>> Group name: ose-developers
>> Description: OpenShift Developers
>> *GID: 889000002*
>>
>> #*ipa user-add ose-dev1 --first="OSE" --last="Dev 1"
>> --displayname="OpenShift Developer 1" --homedir="/home/ose-dev1"
>> --shell="/bin/bash" **
>> ****--uid=889000002 --gidnumber=889000002 --password *
>> Password: *******
>> Enter Password again to verify:
>> ---------------------
>> Added user "ose-dev1"
>> ---------------------
>> User login: ose-dev1
>> First name: OSE
>> Last name: Dev 1
>> Full name: OSE Dev 1
>> Display name: OpenShift Developer 1
>> Initials: OD
>> Home directory: /home/ose-dev1
>> GECOS: OSE Dev 1
>> Login shell: /bin/bash
>> Kerberos principal: ose-dev1 at INTEROP.EXAMPLE.COM
>> Email address: ose-dev1 at interop.example.com
>> UID: 889000002
>> *GID: 889000002 *
>> Password: True
>> Member of groups: ipausers
>> Kerberos keys available: True
>>
>> On the IdM server, when I run 'group-show', 'group-find' I get:
>>
>> # ipa group-show ose-developers
>> Group name:*ose-developers *
>> Description: OpenShift Developers
>> *GID: 889000002 *
>>
>> # ipa group-find ose-developers
>> ---------------
>> 1 group matched
>> ---------------
>> Group name:*ose-developers*
>> Description: OpenShift Developers
>> *GID: 889000002*
>> ----------------------------
>> Number of entries returned 1
>> ----------------------------
>>
>> and 'user-show' returns:
>>
>> # ipa user-show ose-dev1
>> User login: ose-dev1
>> First name: OSE
>> Last name: Dev 1
>> Home directory: /home/ose-dev1
>> Login shell: /bin/bash
>> Email address: ose-dev1 at interop.example.com
>> UID: 889000002
>> *GID: 889000002*
>> Account disabled: False
>> Password: True
>> Member of groups: ipausers
>> Kerberos keys available: True
>>
>> so clearly the groups, user entries are correct in IdM. On first
>> login, the homedir
>> is created but the group name is not resolved:
>>
>> $ pwd
>> /home/ose-dev1
>> [ose-dev1 at xrhc1 ~]$ ls -lad .
>> drwxr-xr-x. 3 ose-dev1 *889000002* 4096 Jul 24 19:51 .
>> $ id
>> uid=889000002(ose-dev1) *gid=889000002* groups=889000002
>> context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
>>
>> Is there some other client side lookup issue that is causing this?
>> Why doesn't *gid=889000002* map to (*ose-developers*)?
>>
>> Thanks!
>>
>> -m
>>
>>
>> --
>>
>> Red Hat Reference Architectures
>>
>> Follow Us:https://twitter.com/RedHatRefArch
>> Plus Us:https://plus.google.com/u/0/b/114152126783830728030/
>> Like Us:https://www.facebook.com/rhrefarch
>>
>>
>
>
>
--
Red Hat Reference Architectures
Follow Us: https://twitter.com/RedHatRefArch
Plus Us: https://plus.google.com/u/0/b/114152126783830728030/
Like Us: https://www.facebook.com/rhrefarch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140725/0d4eccc7/attachment.htm>
More information about the Freeipa-users
mailing list