[Freeipa-users] HBAC access denied, all AD groups not detected
Jakub Hrozek
jhrozek at redhat.com
Tue May 17 12:34:59 UTC 2016
On Tue, May 17, 2016 at 03:08:37PM +1000, Lachlan Musicman wrote:
> FWIW,
>
> We are seeing the issues that are described here:
>
> https://www.redhat.com/archives/freeipa-users/2015-December/msg00046.html
>
> I was about to write when I found this, it explains exactly what I am
> seeing - right down to the "impossible to reproduce because it's so
> (seemingly) random".
>
>
> I am about to read up on the SSSD trouble shooting in order to up the logs
> &etc, but here is some output I can share - note that this all happened in
> ~5 minutes. As you can see, clearing the cache has various unpredictable
> effects. Both users should return the same list of groups. This was
> performed on a FreeIPA client.
There were some bugs related to external groups, what server and client
packages version are you running?
More information about the Freeipa-users
mailing list