I have an OpenLDAP server (Windows version) installed with users and groups correctly configured. Most of the users belong to different groups.

I have a problem with the sssd configuration to access the machines in the network. When I connect to one of the servers and run:

id username

I get only one group, the primary group, and there should be more groups. We have machines with openSUSE and CentOS with the same problem, and the content of the sss.conf file is:

[domain/default]

ldap_id_use_start_tls = False
cache_credentials = False
ldap_search_base = dc=gt,dc=local
krb5_realm = EXAMPLE.COM
krb5_server = kerberos.example.com
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://172.31.7.32/
ldap_tls_cacertdir = /etc/openldap/cacerts
ldap_tls_reqcert = never
ldap_schema = rfc2307bis
entry_cache_timeout = 600
ldap_network_timeout = 3
#ldap_access_filter = (&(objectclass=shadowaccount)(objectclass=posixaccount))

Any idea of why this is happening?

ftrujillo

1 Answer

After investigating the problem, there were a few network problems that can have an effect. But the problem was definitely the sssd cache. To clear the cache you only have to delete the cache files.

On CentOS and Ubuntu, for example, the cache files are located in: /var/lib/sss/bb/db

Normally there are three files. Once the three files are deleted, the cache is empty.

ftrujillo
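
The cache-clearing procedure from the answer above, written as a script. This is an added example, not part of the original question or answer. It assumes a systemd host where the service is named sssd, and it takes the cache directory as an argument instead of hard-coding a path.

```shell
#!/bin/sh
# Added example: clear SSSD's on-disk cache and compare group lookups.
# Assumptions: the service is called "sssd" and is managed by systemctl;
# the cache directory is supplied by the caller.

# clear_cache_dir DIR
# Deletes the regular files directly inside DIR and prints how many were
# removed. Refuses relative or missing paths so that a typo cannot delete
# files somewhere else. Subdirectories and symlinks are left alone.
clear_cache_dir() {
    dir=$1
    case $dir in
        /*) ;;
        *) echo "refusing: '$dir' is not an absolute path" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "refusing: '$dir' is not a directory" >&2; return 2; }
    count=0
    for f in "$dir"/*; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        rm -f -- "$f" && count=$((count + 1))
    done
    echo "$count"
}

# refresh_groups DIR USER
# Stops SSSD so the cache files are not in use, clears DIR, starts SSSD
# again, and prints the user's groups before and after for comparison.
refresh_groups() {
    dir=$1 user=$2
    before=$(id -Gn "$user")
    systemctl stop sssd || return 1
    # Restart the service even if clearing fails, so logins keep working.
    removed=$(clear_cache_dir "$dir") || { systemctl start sssd; return 1; }
    systemctl start sssd || return 1
    after=$(id -Gn "$user")
    printf 'removed %s cache file(s)\n' "$removed"
    printf 'before: %s\nafter:  %s\n' "$before" "$after"
}

# Runs only when invoked as root with both arguments:
#   sh clear-sssd-cache.sh <cache-directory> <username>
if [ $# -eq 2 ]; then
    refresh_groups "$1" "$2"
fi
```

If the "after" line still shows only the primary group, the cache was not the cause on that host.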