This discussion is archived
2 Replies Latest reply: Jun 15, 2010 8:57 AM by 807559 RSS

LDAP Secondary Groups

807559 Newbie
Currently Being Moderated
Solaris 10 integrated with 2003 AD using SFU 3.5 and native Solaris LDAP client

We are experiencing issues with secondary groups. Authentication works fine. A unix-configured AD user can log in to the Solaris box without fail.

Performing the "groups" or "id" command does not list all the groups a user is a member of...only the Primary group set in the UnixAttributes. I have tested this by login in with multiple user accounts...all with the same results.

I have also tried to use a third party application called Likewise Open which doesn't use the SFU components. Same issue occurs. User can authenticate but secondary groups are not read. This software on Ubuntu works.

Is anyone else seeing this? Is this a limitation of Solaris?