Hello all,
Some of our users access eos through CIFS protocol thanks to a host running Samba. This host is trusted by the MGM as gateway (eos vid add gateway
), so users authenticated through Samba are mapped to their identity when accessing eos. However, we realized that the secondary groups are not taken into account. They are correctly enabled when accessing with kerberos authentication.
Accessing with kerberos :
Virtual Identity: uid=61928 (61928,99) gid=40507 (99,61895,65422,29431,41068,54068,43590,63804,40507,22605,50003,504,507) [authz:krb5] host=host1.domain geo-location=JRC
Accessing from gateway, the groups are missing :
Virtual Identity: uid=61928 (61928,99) gid=40507 (40507) [authz:sss] host=host2.domain geo-location=JRC
Does someone has such a similar case ? Do you know if there is a way to enabled all groups in this case?