MS Active Directory & Linux: Auth with Kerberos


I'm using AWS Directory server (MS Active Directory type) to auth into my Linux machines.

I followed this and all is working fine, but I have permissions issues.

root@example3-core-test01:~# id [email protected]
uid=134401141([email protected]) gid=134402119([email protected]) groups=134402119([email protected]),134400513(domain [email protected]),134401137(aws delegated add workstations to domain [email protected])

I set the primary group as [email protected]. Its gid is 134402119. I wanted to set it to 1000. I used the Active Directory Users and Computers tool to set the Unix attribute gidNumber to 1000 with the Attribute Editor. But the Linux machines are using the MS gid instead of the Unix gid.

How can I change the gid of users and groups to see the Unix attributes instead of the MS attributes on my Unix machines?


There is 1 answer

icalvete On BEST ANSWER

Solved after reading point 2.2.3 of https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/sssd-integration-intro

My concrete problem was the sssd caches.

root@example3-core-test01:~# rm -f /var/lib/sss/db/*
root@example3-core-test01:~# service sssd restart
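
An added example, not part of the answer above: a shell check that reports, for each domain in an sssd.conf, whether SSSD generates IDs from the AD SID (the large values in the `id` output) or reads uidNumber/gidNumber from the directory. It assumes the documented SSSD defaults (`ldap_id_mapping` is true when `id_provider = ad`, false otherwise); the sample config and its domain names are constructed.

```sh
#!/bin/sh
# Report where SSSD takes UIDs/GIDs from, per [domain/...] section.
#   sid-mapping : IDs are generated from the AD SID (ldap_id_mapping true)
#   posix-attrs : uidNumber/gidNumber stored in AD are used (ldap_id_mapping false)
# Reads the file(s) given as arguments, or stdin when none are given.
sssd_id_source() {
    awk '
        function value(s) {            # text after "=", trimmed and lowercased
            sub(/^[^=]*=[ \t]*/, "", s); sub(/[ \t\r]+$/, "", s)
            return tolower(s)
        }
        function flush(   src) {       # print the verdict for the finished section
            if (dom == "") return
            if (explicit != "") src = (explicit == "false") ? "posix-attrs" : "sid-mapping"
            else src = (provider == "ad") ? "sid-mapping" : "posix-attrs"  # assumed defaults
            print dom ": " src
        }
        /^[ \t]*[#;]/ { next }         # commented-out settings do not count
        /^[ \t]*\[/ {                  # a new section starts
            flush(); dom = ""; explicit = ""; provider = ""
            line = $0
            sub(/^[ \t]*\[/, "", line); sub(/\].*$/, "", line)
            if (line ~ /^domain\//) dom = substr(line, 8)
            next
        }
        dom != "" && /^[ \t]*id_provider[ \t]*=/     { provider = value($0) }
        dom != "" && /^[ \t]*ldap_id_mapping[ \t]*=/ { explicit = value($0) }
        END { flush() }
    ' "$@"
}

# Constructed sample config; the domain names are placeholders.
sample_conf() {
    cat <<'EOF'
[sssd]
domains = corp.example.com, lab.example.com
[domain/corp.example.com]
id_provider = ad
# ldap_id_mapping = False
[domain/lab.example.com]
id_provider = ad
ldap_id_mapping = False
EOF
}
```

On a real host, run it as `sssd_id_source /etc/sssd/sssd.conf`. IDs already stored in the SSSD cache keep their old values after the setting changes, which is why the cache had to be cleared in the answer above.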