User not able to be added to local groups #576
Comments
|
Thank you for the report. We need some more information to debug the issue.
/usr/libexec/authd version
|
|
Hello Login with local account I tested this with a user who has 6 entra groups, including linux-sudo and linux-docker. The user is properly added to the local sudo and docker groups after login. |
We are not trying to add these local groups to Entra. The goal is to only add local groups. Having to create groups in Entra adds to the issue that the groups were not being pulled down. Most our users are in 400-500 entra groups. This presented us with the issue that only 100 groups were being pulled. Having actual local groups can be very useful. The other issue we started to see is that the login keychain is not created for the user. This could be related to this issue. Appreciate the response and if there is a solution that already exists please let me know. Thank you |
|
I think the group sync of authd at logon purges your local group if it doesn't find it in entra (linux-mylocalgroup). |
Yea, this is where other issues arise for us as well since we can't just name an entry group linux-mygroup. We have to use specific naming schemes for our groups and we have not been able to get exceptions for that. This is the reason for wanting local groups to just work without Entra |
|
I double that - in our case we just need to use some local groups that are managed by another system but now it seems they are cleared on each login. Another case is if we add linux-sudo to user then user get's sudo on all computers which may not be something we want. |
We as well would like be happy to add Entra authd users to local Linux groups without needing to have a group in Entra and I agree with this message. For our specific usecase, we want to add the Entra users to the local microk8s group to let a Entra user to manage it on a specific machine. |
|
Just checking in to see if there are any updates on this issue, regarding being able to add users to local groups without needing to have groups in Entra. This limitation continues to impact workflows, so any guidance or next steps would be highly appreciated. Thanks for your support! |
|
Hi @augustmultiply, thanks for reaching out. Since that seems to be an issue for multiple users, we plan to fix it within the next few weeks. |
Only remove the user from local groups which the user was added to by authd. Previously, authd removed the user from all local groups which are not configured in Microsoft Entra, so if the user was added to any local groups manually, it was removed from those groups again during the next login. Closes #576
Only remove the user from local groups which the user was added to by authd. Previously, authd removed the user from all local groups which are not configured in Microsoft Entra, so if the user was added to any local groups manually, it was removed from those groups again during the next login. Closes #576
Only remove the user from local groups which the user was added to by authd. Previously, authd removed the user from all local groups which are not configured in Microsoft Entra, so if the user was added to any local groups manually, it was removed from those groups again during the next login. Closes #576
Is there an existing issue for this?
Describe the issue
Users is not able to be added to any local groups. They are removed after reboot/logout.
Steps to reproduce
Login with local account
Create a group
Add the Entra user to the group
Check to see user is in the group
Reboot
Login with authd
Check users groups
User is not in the local group
System information and logs
No response
Double check your logs
The text was updated successfully, but these errors were encountered: