-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue: User is only added to a maximum of 100 groups #549
Comments
Hey, @namato1! Thanks for reporting this issue. Would you mind following the steps to enable the debug logs on the broker also? This can help us understand if something is going wrong on that side. Seeing that you can authenticate with the remote user, I suspect this group listing issue could be an inconsistency/limitation of Meanwhile, we have an updated version of |
Hi, please see attached logs. Provided an updated log as well |
Same problem here, I have 130 Azure groups on my user and I only see 100 under Ubuntu. Another user with 116 groups only sees 100 also. (101 exactly with the local group equal to the user login) My logs are like yours. Here the command to count groups |
Problem solved in version 0.3.6 edge, thanks guys. |
Right, this issue should indeed be fixed on the edge channel of the authd-msentraid snap. Thanks for confirming! |
Shouldn't the Microsoft 365 (Unified) groups be filtered out and only Security groups be enumerated by the broker? Unified groups can't be used for security on Windows so why would they be enumerated for Linux? |
Is there an existing issue for this?
Describe the issue
Our AD users have far to many groups and it seems to be random which groups get pulled down for each user. Users cannot have sudo access because there is no way to confirm if all there groups are pulled down. We confirmed ALL groups have GID's
We then tried to add the user to a local group and realized that AD users are not part of any local groups. Nor can we add them to a local group as they will be removed on logout
We tested the edge channel as well
Steps to reproduce
option 1: AD Groups
run sudo login
connect as user
run groups
notice multiple AD groups are missing
option 2: Local Group
login with authd account
run groups command
notice all missing local groups
System information and logs
authd version
authd-msentraid broker version
gnome-shell version
Distribution
Logs
authd broker configuration
/etc/authd/brokers.d/msentraid.conf
authd-msentraid configuration
Double check your logs
The text was updated successfully, but these errors were encountered: