2 Replies Latest reply on Jun 15, 2010 3:57 PM by 807559

    LDAP Secondary Groups

      Solaris 10 integrated with 2003 AD using SFU 3.5 and native Solaris LDAP client

      We are experiencing issues with secondary groups. Authentication works fine. A unix-configured AD user can log in to the Solaris box without fail.

      Performing the "groups" or "id" command does not list all the groups a user is a member of...only the Primary group set in the UnixAttributes. I have tested this by login in with multiple user accounts...all with the same results.

      I have also tried to use a third party application called Likewise Open which doesn't use the SFU components. Same issue occurs. User can authenticate but secondary groups are not read. This software on Ubuntu works.

      Is anyone else seeing this? Is this a limitation of Solaris?