[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP defined groups not set properly over ssh

This is probably a question for an ssh list but surely others have experienced 
the same issue so I will try here first.

I have just configured LDAP and imported my groups.  Everything seems to be 
fine except that when I use ssh to connect to another machine in the network 
the user only belongs to the groups defined in the /etc/group file on that 
server.  The groups defined in the openldap server are not set for the user.  
However, if I use telnet the groups are all set properly.  I have also 
noticed that I can su to a user and the groups are set properly after I have 
ssh'd to another machine.  Finally, when I have logged in over ssh even 
though the groups are not set properly if I run 'getent group' all of the 
LDAP defined groups are there.

So, it simply appears that logging in over ssh only sets the groups that are 
defined locally in /etc/group and does not set any groups defined elsewhere.  
It appears that everything is configured properly and the groups do get set 
properly when methods other than ssh are used to login.  Does anyone have an 
idea how to change this?