Hi,

I'm having trouble getting a cluster of Fedora 16 installs (sssd-client-1.8.4-13.fc16.x86_64) to see secondary groups from my Open Directory server (rfc2307). I have a RHEL6 box (sssd-client-1.8.0-32.el6.x86_64) with an identical sssd.conf that does work. Is this a known issue or is there something wonky with my Fedora setup?

[fedora]# id ldapuser uid=9000(ldapuser) gid=5079(ps) groups=5079(ps)

[rhel63]# id ldapuser uid=9000(ldapuser) gid=5079(ps) groups=5079(ps),1000(cmcd),2004(sch-guest),1031(bc),1027(web)

[fedora]# ldapsearch -LLL -x -b cn=groups,dc=ldap,dc=in,dc=hwlab cn=sch-guest | grep ldapuser memberUid: ldapuser

my domain config in sssd.conf:

[domain/default] ldap_id_use_start_tls = False cache_credentials = True ldap_search_base = dc=ldap,dc=in,dc=hwlab krb5_realm = LDAP.IN.HWLAB krb5_server = ldap.in.hwlab,quasimoto.in.hwlab id_provider = ldap auth_provider = krb5 chpass_provider = krb5 ldap_uri = ldap://ldap.in.hwlab/,ldap://quasimoto.in.hwlab/ krb5_kpasswd = ldap.in.hwlab ldap_tls_cacertdir = /etc/openldap/cacerts

Thanks for any insight, Ian