Hi Remi, Yes it does return the same id. See below: johndoe@ecolonnelli:~ $ id uid=71953(johndoe) gid=100026(Faculty_Collab) groups=100026(Faculty_Collab),100181(ecolonnelli_access) johndoe@ecolonnelli:~ $ id johndoe uid=71953(johndoe) gid=100026(Faculty_Collab) groups=100026(Faculty_Collab),1000(projectsbrasil),1003(core),1549(rais),1550(rfb),1552(polconnfirms),1558(vpce),1559(rfb_all),1563(johndoe),100181(ecolonnelli_access)
*Fritz Ratnasamy* Data Scientist Information Technology The University of Chicago Booth School of Business 5807 S. Woodlawn Chicago, Illinois 60637 Phone: +(1) 773-834-4556 On Fri, Jan 28, 2022 at 2:04 AM Rémi Palancher <r...@rackslab.io> wrote: > Le vendredi 28 janvier 2022 à 06:56, Ratnasamy, Fritz < > fritz.ratnas...@chicagobooth.edu> a écrit : > > > Hi, > > > > I have a similar issue as described on the following link ( > https://groups.google.com/g/slurm-users/c/6SnwFV-S_Nk)A machine had some > existing local permissions. We have added it as a compute node to our > cluster via Slurm. When running an srun interactive session on that > server,it would seem that the LDAP groups shadow the local groups. > > > > johndoe@ecolonnelli:~ $ groups > > > > Faculty_Collab ecolonnelli_access #Those are LDAP groups > > > > johndoe@ecolonnelli:~ $ groups johndoe > > > > johndoe : Faculty_Collab projectsbrasil core rais rfb polconnfirms > johndoe vpce rfb_all backup_johndoe ecolonnelli_access > > The difference between the first and the second command could be the UID > used for the resolution. The first command calls getgroups() syscall using > the UID of the shell. The second command resolves johndoe UID through > nsswitch stack then looks after the groups of this UID. > > Do you have johndoe declared in both local /etc/passwd and LDAP directory > with different UID? > > Do `id` and `id johndoe` return the same UID? > > -- > Rémi Palancher > Rackslab: Open Source Solutions for HPC Operations > https://rackslab.io > > > CAUTION: This email has originated outside of University email systems. > Please do not click links or open attachments unless you recognize the > sender and trust the contents as safe. > >
