I am working with a customer running RHEL V6.4. They are using ldap for authentication. No problem authenticating a users login but the gids are not consistantly being translated to group names when running id,ls -l or other commands that display the group information. They are using sssd with caching enabled.
They are using encrypted communications between the client and server but at my request they switched to unencrypted (port 389) so we could capture a tcpdump. The dump was taken for an ls -l command and it does show two differnt gid's sent to the ldap server and the correct group names are being returned.
However, the ls command only shows the gid values and not the names.
They mentioned that if they run getent group groupname, sssd will cache that information for a while until the entry times out and then the group names are no longer displayed.
I am not sure how to further debug this and cannot explain why when the ldap server returns the correct group names, it is not being displayed by the host commands.
Can anyone suggest some other techniques to find out where the group names are being dropped ?
Any help greatly appreciated.
Al Licause