On Thu, Jun 14, 2012 at 8:16 PM, James M Pulver <[log in to unmask]> wrote:

I'm trying the steps outlined in this blogpost:
http://zews.org/rhel6-active-directory
which is actually working partially for me. I can log in (with some users anyway), it seems to get the home directory from LDAP and shell. It doesn't seem to get the groups. I have added (as listed in the example confs on that blog post) groups files sss
and even tried editing to
netgroup files sss
with no luck - it still seems to be using our old NIS to get groups.

Finally, finger seems to have cached information (we had %H/user) for home dir, that didn't work, changed to /home/user and then logins worked, but finger still shows the older entry...

Any ideas?

Did you turn off "nscd"? That daemon is helpful for systems with high loads to cache various data and reduce network traffic, but man, the delay to time out altered information can be very awkward when troubleshooting new configurations.