
MS Active Directory & Linux: Auth with Kerberos


I'm using AWS Directory server (MS Active Directory type) to auth into my Linux machines.

I followed this and all is working fine, but I have permission issues.

    root@example3-core-test01:~# id test@example.net
    uid=134401141(test@example.net) gid=134402119(ubuntu@example.net) groups=134402119(ubuntu@example.net),134400513(domain users@example.net),134401137(aws delegated add workstations to domain users@example.net)

I set the primary group as ubuntu@example.net. The gid is 134402119. I wanted to set it to 1000. I used the Active Directory Users and Computers tool to set the Unix attribute gidNumber to 1000 with the Attribute Editor. But the Linux machines are using the MS gid instead of the Unix gid.

How can I change the gid of users and groups so that my Unix machines see the Unix attributes instead of the MS attributes?


Solution

  • Solved after reading point 2.2.3 of https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/sssd-integration-intro

    My concrete problem was the sssd caches.

    root@example3-core-test01:~# rm -f /var/lib/sss/db/*
    root@example3-core-test01:~# service sssd restart
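
A way to check, after clearing the cache, whether the IDs a host reports are still derived from the Windows SID rather than read from the Unix attributes. This is an added example, not part of the original question or answer; it assumes SSSD's default ID-mapping ranges, and the function names `classify_id` and `report_ids` are hypothetical.

```shell
#!/bin/sh
# Added example: classify numeric IDs from `id` output as SSSD SID-mapped or not.
# Assumption: the host uses SSSD's default ID-mapping ranges (see sssd-ad(5)).
IDMAP_RANGE_MIN=200000        # ldap_idmap_range_min default
IDMAP_RANGE_MAX=2000200000    # ldap_idmap_range_max default
IDMAP_RANGE_SIZE=200000       # ldap_idmap_range_size default

# `id` output quoted in the question above, reused as sample input.
SAMPLE='uid=134401141(test@example.net) gid=134402119(ubuntu@example.net) groups=134402119(ubuntu@example.net),134400513(domain users@example.net),134401137(aws delegated add workstations to domain users@example.net)'

# classify_id NUM: prints "mapped slice=<n> rid=<n>" when NUM lies in the
# ID-mapping range, else "outside-idmap-range" (local account or POSIX attribute).
# A POSIX attribute set inside the range would be misreported as mapped.
classify_id() {
    n=$1
    case $n in ''|*[!0-9]*) echo "invalid"; return 1 ;; esac
    if [ "$n" -ge "$IDMAP_RANGE_MIN" ] && [ "$n" -lt "$IDMAP_RANGE_MAX" ]; then
        off=$(( n - IDMAP_RANGE_MIN ))
        # Each domain gets one slice; the offset inside it is the object's RID.
        echo "mapped slice=$(( off / IDMAP_RANGE_SIZE )) rid=$(( off % IDMAP_RANGE_SIZE ))"
    else
        echo "outside-idmap-range"
    fi
}

# report_ids "ID_OUTPUT": one line per distinct "<id> <class> <name>".
report_ids() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\([^)]*\)' | sort -u |
    while IFS= read -r pair; do
        num=${pair%%\(*}
        name=${pair#*\(}
        name=${name%\)}
        printf '%s %s %s\n' "$num" "$(classify_id "$num")" "$name"
    done
}

report_ids "$SAMPLE"
```

In the sample, 134400513 decodes to RID 513, the well-known RID of Domain Users, which shows these IDs were computed from the SID rather than taken from gidNumber. IDs that still decode this way after the cache is cleared indicate that ID mapping (`ldap_id_mapping` in sssd.conf) is still enabled.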