ubuntu / authd

Authentication daemon for external Brokers
GNU Lesser General Public License v3.0

Issue: User is only added to a maximum of 100 groups #549

Open namato1 opened 2 months ago

namato1 commented 2 months ago

Is there an existing issue for this?

Describe the issue

Our AD users have far too many groups and it seems to be random which groups get pulled down for each user. Users cannot have sudo access because there is no way to confirm if all their groups are pulled down. We confirmed ALL groups have GIDs.

We then tried to add the user to a local group and realized that AD users are not part of any local groups. Nor can we add them to a local group, as they will be removed on logout.

We tested the edge channel as well

Steps to reproduce

option 1: AD Groups
- run sudo login
- connect as user
- run groups
- notice multiple AD groups are missing

option 2: Local Group
- login with authd account
- run groups command
- notice all missing local groups

System information and logs

authd version

authd   0.3.4~ppa3

authd-msentraid broker version

name:      authd-msentraid
summary:   MSEntra ID broker for authd
publisher: Canonical**
store-url: https://snapcraft.io/authd-msentraid
license:   GPL-3.0
description: |
  This is the MS Entra ID broker snap for authd  to provide MS Entra ID OIDC
  based authentication on Ubuntu with authd.
services:
  authd-msentraid: simple, enabled, active
snap-id:      vS3oJLMss6lgWwoFcPqYDUA2HB20I1Dc
tracking:     0.x/stable
refresh-date: today at 17:07 UTC
channels:
  0.x/stable:    0.1                 2024-09-16 (44) 17MB -
  0.x/candidate: ^                                        
  0.x/beta:      ^                                        
  0.x/edge:      0.1+4fe9826.0f76acc 2024-09-20 (51) 18MB -
installed:       0.1                            (44) 17MB -

gnome-shell version

gnome-shell:
  Installed: 46.3.1-1ubuntu1~24.04.1
  Candidate: 46.3.1-1ubuntu1~24.04.1
  Version table:
 *** 46.3.1-1ubuntu1~24.04.1 500
        500 https://ppa.launchpadcontent.net/ubuntu-enterprise-desktop/authd/ubuntu noble/main amd64 Packages
        100 /var/lib/dpkg/status
     46.0-0ubuntu6~24.04.4 500
        500 http://us.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
     46.0-0ubuntu6~24.04.3 500
        500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
     46.0-0ubuntu5 500
        500 http://us.archive.ubuntu.com/ubuntu noble/main amd64 Packages
     45.2-0ubuntu1.1 500
        500 http://security.ubuntu.com/ubuntu mantic-security/main amd64 Packages
     45.0-1ubuntu2 500
        500 http://archive.ubuntu.com/ubuntu mantic/main amd64 Packages
     42.9-0ubuntu2.2 500
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
     42.0-2ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages

Distribution

Distributor ID: Ubuntu
Description:    Ubuntu 24.04.1 LTS
Release:    24.04
Codename:   noble

Logs

[  111.633444] test-device systemd[1]: Starting authd.service - Authd daemon service...
[  111.653124] test-device authd[9526]: WARNING Broker configuration directory "/etc/authd/brokers.d/" does not exist, only local broker will be available
[  111.657206] test-device systemd[1]: Started authd.service - Authd daemon service.
[  123.233188] test-device authd[9526]: 2024/09/23 17:07:39 WARN rpc error: code = NotFound desc =
[  124.185591] test-device systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  124.364343] test-device systemd[1]: Stopping authd.service - Authd daemon service...
[  124.365532] test-device systemd[1]: authd.service: Deactivated successfully.
[  124.365702] test-device systemd[1]: Stopped authd.service - Authd daemon service.
[  124.386424] test-device systemd[1]: Starting authd.service - Authd daemon service...
[  124.403077] test-device systemd[1]: Started authd.service - Authd daemon service.
[  124.460435] test-device systemd[1]: Stopping snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid...
[  124.465529] test-device systemd[1]: snap.authd-msentraid.authd-msentraid.service: Deactivated successfully.
[  124.465687] test-device systemd[1]: Stopped snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  124.483570] test-device systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  129.416683] test-device authd[11498]: 2024/09/23 17:07:45 WARN rpc error: code = NotFound desc =
[  180.384824] test-device authd[11498]: 2024/09/23 17:08:36 WARN rpc error: code = NotFound desc =
[  180.400736] test-device authd[11498]: 2024/09/23 17:08:36 WARN rpc error: code = NotFound desc =
[  180.401920] test-device authd[11498]: 2024/09/23 17:08:36 WARN rpc error: code = NotFound desc =
[  180.431585] test-device authd[11498]: 2024/09/23 17:08:36 WARN rpc error: code = NotFound desc =
[  180.844669] test-device authd[11498]: 2024/09/23 17:08:37 WARN rpc error: code = NotFound desc =
[  187.178700] test-device authd[11498]: 2024/09/23 17:08:43 WARN rpc error: code = NotFound desc =
[  189.451461] test-device authd[11498]: 2024/09/23 17:08:45 WARN rpc error: code = NotFound desc =
[  190.310284] test-device authd[11498]: 2024/09/23 17:08:46 WARN rpc error: code = NotFound desc =
[  190.311424] test-device authd[11498]: 2024/09/23 17:08:46 WARN rpc error: code = NotFound desc =
[  190.318115] test-device authd[11498]: 2024/09/23 17:08:46 WARN rpc error: code = NotFound desc =
[  190.321177] test-device authd[11498]: 2024/09/23 17:08:46 WARN rpc error: code = NotFound desc =
[  197.178334] test-device authd[11498]: 2024/09/23 17:08:53 WARN rpc error: code = NotFound desc =
[  204.682444] test-device authd[11498]: 2024/09/23 17:09:01 WARN rpc error: code = NotFound desc =
[  206.889547] test-device authd[11498]: 2024/09/23 17:09:03 WARN rpc error: code = NotFound desc =
[  207.178779] test-device authd[11498]: 2024/09/23 17:09:03 WARN rpc error: code = NotFound desc =
[  224.593675] test-device authd[11498]: 2024/09/23 17:09:21 WARN rpc error: code = NotFound desc =
[  228.286308] test-device authd[11498]: 2024/09/23 17:09:24 WARN rpc error: code = NotFound desc =
[  249.479353] test-device authd[11498]: 2024/09/23 17:09:45 WARN rpc error: code = NotFound desc =
[  266.943958] test-device authd[11498]: 2024/09/23 17:10:03 WARN rpc error: code = NotFound desc =
[  273.088304] test-device authd[11498]: 2024/09/23 17:10:09 WARN rpc error: code = NotFound desc =
[  281.149103] test-device authd[11498]: 2024/09/23 17:10:17 WARN rpc error: code = NotFound desc =
[  283.945294] test-device authd[11498]: 2024/09/23 17:10:20 WARN rpc error: code = NotFound desc =
[  309.560016] test-device authd[11498]: 2024/09/23 17:10:46 WARN rpc error: code = NotFound desc =
[  329.236133] test-device authd[11498]: 2024/09/23 17:11:05 WARN rpc error: code = NotFound desc =
[  329.236897] test-device authd[11498]: 2024/09/23 17:11:05 WARN rpc error: code = NotFound desc =
[  329.237818] test-device authd[11498]: 2024/09/23 17:11:05 WARN rpc error: code = NotFound desc =
[  329.238459] test-device authd[11498]: 2024/09/23 17:11:05 WARN rpc error: code = NotFound desc =
[  330.327182] test-device authd[11498]: 2024/09/23 17:11:06 WARN rpc error: code = NotFound desc =
[  330.328481] test-device authd[11498]: 2024/09/23 17:11:06 WARN rpc error: code = NotFound desc =
[  330.329509] test-device authd[11498]: 2024/09/23 17:11:06 WARN rpc error: code = NotFound desc =
[  330.329933] test-device authd[11498]: 2024/09/23 17:11:06 WARN rpc error: code = NotFound desc =
[  365.293671] test-device authd[11498]: 2024/09/23 17:11:41 WARN rpc error: code = NotFound desc =
[  460.321361] test-device authd[11498]: 2024/09/23 17:13:16 WARN rpc error: code = NotFound desc =
[  462.379159] test-device authd[11498]: 2024/09/23 17:13:18 WARN rpc error: code = NotFound desc =
[  466.747859] test-device authd[11498]: 2024/09/23 17:13:23 WARN rpc error: code = NotFound desc =
[  473.754658] test-device gpasswd[27424]: user user@example.com.com removed by root from group root
[  508.947254] test-device authd[11498]: 2024/09/23 17:14:05 WARN rpc error: code = NotFound desc =
[  618.286496] test-device authd[11498]: 2024/09/23 17:15:54 WARN rpc error: code = NotFound desc =
[  632.897919] test-device authd[11498]: 2024/09/23 17:16:09 WARN rpc error: code = NotFound desc =
[  740.611206] test-device authd[11498]: 2024/09/23 17:17:57 WARN rpc error: code = NotFound desc =
[  782.992475] test-device authd[11498]: 2024/09/23 17:18:39 WARN rpc error: code = NotFound desc =
[  787.430635] test-device authd[11498]: 2024/09/23 17:18:43 WARN rpc error: code = NotFound desc =
[  829.476742] test-device authd[11498]: 2024/09/23 17:19:25 WARN rpc error: code = NotFound desc =
[  857.751273] test-device authd[11498]: 2024/09/23 17:19:54 WARN rpc error: code = NotFound desc =
[  857.758134] test-device authd[11498]: 2024/09/23 17:19:54 WARN rpc error: code = NotFound desc =
[  868.712216] test-device authd[11498]: 2024/09/23 17:20:05 WARN rpc error: code = NotFound desc =
[  868.716391] test-device authd[11498]: 2024/09/23 17:20:05 WARN rpc error: code = NotFound desc =
[  878.094385] test-device authd[11498]: 2024/09/23 17:20:14 WARN rpc error: code = NotFound desc =
[  878.102500] test-device authd[11498]: 2024/09/23 17:20:14 WARN rpc error: code = NotFound desc =
[  893.259328] test-device authd[11498]: 2024/09/23 17:20:29 WARN rpc error: code = NotFound desc =
[  893.263718] test-device authd[11498]: 2024/09/23 17:20:29 WARN rpc error: code = NotFound desc =
[ 1068.462436] test-device authd[11498]: 2024/09/23 17:23:24 WARN rpc error: code = NotFound desc =
[ 1068.467416] test-device authd[11498]: 2024/09/23 17:23:24 WARN rpc error: code = NotFound desc =
[ 1073.467989] test-device authd[11498]: 2024/09/23 17:23:29 WARN rpc error: code = NotFound desc =
[ 1073.472404] test-device authd[11498]: 2024/09/23 17:23:29 WARN rpc error: code = NotFound desc =
[ 1088.407975] test-device authd[11498]: 2024/09/23 17:23:44 WARN rpc error: code = NotFound desc =
[ 1088.412657] test-device authd[11498]: 2024/09/23 17:23:44 WARN rpc error: code = NotFound desc =
[ 1182.165963] test-device authd[11498]: 2024/09/23 17:25:18 WARN rpc error: code = NotFound desc =
[ 1182.167688] test-device authd[11498]: 2024/09/23 17:25:18 WARN rpc error: code = NotFound desc =
[ 1183.428666] test-device gdm-authd][30677]: gkr-pam: no password is available for user
[ 1183.458317] test-device gdm-authd][30677]: pam_intune(gdm-authd:session): No authtok available; password policies will fail: No module specific data is present
[ 1183.459204] test-device gdm-authd][30677]: pam_unix(gdm-authd:session): session opened for user user@example.com.com(uid=843501783) by user@example.com.com(uid=0)
[ 1183.795099] test-device gdm-authd][30677]: gkr-pam: couldn't unlock the login keyring.
[ 1184.078655] test-device authd[11498]: 2024/09/23 17:25:20 WARN rpc error: code = NotFound desc =
[ 1184.079578] test-device authd[11498]: 2024/09/23 17:25:20 WARN rpc error: code = NotFound desc =
[ 1184.081452] test-device authd[11498]: 2024/09/23 17:25:20 WARN rpc error: code = NotFound desc =
[ 1188.102299] test-device authd[11498]: 2024/09/23 17:25:24 WARN rpc error: code = NotFound desc =
[ 1246.549122] test-device authd[11498]: 2024/09/23 17:26:23 WARN rpc error: code = NotFound desc =
[ 1247.655465] test-device authd[11498]: 2024/09/23 17:26:24 WARN rpc error: code = NotFound desc =
[ 1642.137136] test-device authd[11498]: 2024/09/23 17:32:58 WARN rpc error: code = NotFound desc =
[ 2010.738581] test-device gdm-authd][30677]: pam_unix(gdm-authd:session): session closed for user user@example.com.com
[ 2015.854119] test-device gdm-authd][36629]: pam_intune(gdm-authd:auth): Creating auth context
[ 2015.856125] test-device gdm-authd][36629]: gkr-pam: unable to locate daemon control file
[ 2015.856220] test-device gdm-authd][36629]: gkr-pam: stashed password to try later in open session
[ 2015.880010] test-device gdm-authd][36629]: pam_intune(gdm-authd:session): Processing user session startup
[ 2015.880329] test-device gdm-authd][36629]: pam_intune(gdm-authd:session): Processed Intune policy for localUser
[ 2015.880364] test-device gdm-authd][36629]: pam_unix(gdm-authd:session): session opened for user localUser(uid=1000) by localUser(uid=0)
[ 2016.135413] test-device gdm-authd][36629]: gkr-pam: unlocked login keyring
[ 2016.407592] test-device authd[11498]: 2024/09/23 17:39:12 WARN rpc error: code = NotFound desc =
[ 2016.409554] test-device authd[11498]: 2024/09/23 17:39:12 WARN rpc error: code = NotFound desc =
[ 2016.411314] test-device authd[11498]: 2024/09/23 17:39:12 WARN rpc error: code = NotFound desc =
[ 2018.195596] test-device authd[11498]: 2024/09/23 17:39:14 WARN rpc error: code = NotFound desc =
[ 2022.168135] test-device authd[11498]: 2024/09/23 17:39:18 WARN rpc error: code = NotFound desc =
[ 2069.420149] test-device authd[11498]: 2024/09/23 17:40:05 WARN rpc error: code = NotFound desc =
[ 2069.424317] test-device authd[11498]: 2024/09/23 17:40:05 WARN rpc error: code = NotFound desc =
[ 2074.589293] test-device authd[11498]: 2024/09/23 17:40:11 WARN rpc error: code = NotFound desc =
[ 2074.597809] test-device authd[11498]: 2024/09/23 17:40:11 WARN rpc error: code = NotFound desc =
[ 2078.944317] test-device authd[11498]: 2024/09/23 17:40:15 WARN rpc error: code = NotFound desc =
[ 2082.034324] test-device authd[11498]: 2024/09/23 17:40:18 WARN rpc error: code = NotFound desc =
[ 2101.529749] test-device authd[11498]: 2024/09/23 17:40:38 WARN rpc error: code = NotFound desc =
[ 2114.894393] test-device authd[11498]: 2024/09/23 17:40:51 WARN rpc error: code = NotFound desc =
[ 2114.896801] test-device authd[11498]: 2024/09/23 17:40:51 WARN rpc error: code = NotFound desc =
[ 2114.897055] test-device authd[11498]: 2024/09/23 17:40:51 WARN rpc error: code = NotFound desc =
[ 2146.116404] test-device authd[11498]: 2024/09/23 17:41:22 WARN rpc error: code = NotFound desc =
[ 2148.836751] test-device gdm-authd][36629]: pam_unix(gdm-authd:session): session closed for user localUser
[ 2148.851244] test-device systemd[1]: Stopping authd.service - Authd daemon service...
[ 2148.913464] test-device systemd[1]: Stopping snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid...
[ 2148.965345] test-device systemd[1]: authd.service: Deactivated successfully.
[ 2148.965514] test-device systemd[1]: Stopped authd.service - Authd daemon service.
[ 2148.965681] test-device systemd[1]: authd.service: Consumed 14.664s CPU time, 8.3M memory peak, 0B memory swap peak.
[ 2148.967048] test-device systemd[1]: snap.authd-msentraid.authd-msentraid.service: Deactivated successfully.
[ 2148.967274] test-device systemd[1]: Stopped snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
-- Boot bd39bd3cf5874fa7b807ff545670b017 --
[    4.586610] test-device systemd[1]: Starting authd.service - Authd daemon service...
[    4.588261] test-device systemd[1]: Started authd.service - Authd daemon service.
[    5.265432] test-device systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[   17.764912] test-device gpasswd[2809]: user user@example.com.com removed by root from group localsudogroup
[   17.820876] test-device gdm-authd][2737]: gkr-pam: no password is available for user
[   17.848689] test-device gdm-authd][2737]: pam_intune(gdm-authd:session): No authtok available; password policies will fail: No module specific data is present
[   17.849554] test-device gdm-authd][2737]: pam_unix(gdm-authd:session): session opened for user user@example.com.com(uid=843501783) by user@example.com.com(uid=0)
[   18.223047] test-device gdm-authd][2737]: gkr-pam: couldn't unlock the login keyring.
[   22.351498] test-device authd[1112]: 2024/09/23 17:42:31 WARN rpc error: code = NotFound desc =
[   40.299647] test-device authd[1112]: 2024/09/23 17:42:49 WARN rpc error: code = NotFound desc =
[   40.300437] test-device authd[1112]: 2024/09/23 17:42:49 WARN rpc error: code = NotFound desc =
[   81.547307] test-device authd[1112]: 2024/09/23 17:43:31 WARN rpc error: code = NotFound desc =
[   82.651460] test-device authd[1112]: 2024/09/23 17:43:32 WARN rpc error: code = NotFound desc =
[   98.543245] test-device gdm-authd][2737]: pam_unix(gdm-authd:session): session closed for user user@example.com.com
[   98.565788] test-device authd[1112]: 2024/09/23 17:43:48 WARN rpc error: code = NotFound desc =
[   98.569399] test-device authd[1112]: 2024/09/23 17:43:48 WARN rpc error: code = NotFound desc =
[  104.481218] test-device gdm-authd][6894]: pam_intune(gdm-authd:auth): Creating auth context
[  104.484247] test-device gdm-authd][6894]: gkr-pam: unable to locate daemon control file
[  104.484340] test-device gdm-authd][6894]: gkr-pam: stashed password to try later in open session
[  104.516806] test-device gdm-authd][6894]: pam_intune(gdm-authd:session): Processing user session startup
[  104.517106] test-device gdm-authd][6894]: pam_intune(gdm-authd:session): Creating runtime dir /run/intune/1000
[  104.517137] test-device gdm-authd][6894]: pam_intune(gdm-authd:session): Processed Intune policy for localUser
[  104.517162] test-device gdm-authd][6894]: pam_unix(gdm-authd:session): session opened for user localUser(uid=1000) by localUser(uid=0)
[  104.814562] test-device gdm-authd][6894]: gkr-pam: unlocked login keyring
[  105.089123] test-device authd[1112]: 2024/09/23 17:43:54 WARN rpc error: code = NotFound desc =
[  105.095843] test-device authd[1112]: 2024/09/23 17:43:54 WARN rpc error: code = NotFound desc =
[  105.098304] test-device authd[1112]: 2024/09/23 17:43:54 WARN rpc error: code = NotFound desc =
[  107.288312] test-device authd[1112]: 2024/09/23 17:43:56 WARN rpc error: code = NotFound desc =
[  110.425868] test-device authd[1112]: 2024/09/23 17:43:59 WARN rpc error: code = NotFound desc =
[  139.342803] test-device authd[1112]: 2024/09/23 17:44:28 WARN rpc error: code = NotFound desc =
[  139.369964] test-device authd[1112]: 2024/09/23 17:44:28 WARN rpc error: code = NotFound desc =
[  157.955980] test-device authd[1112]: 2024/09/23 17:44:47 WARN rpc error: code = NotFound desc =
[  167.943857] test-device authd[1112]: 2024/09/23 17:44:57 WARN rpc error: code = NotFound desc =
[  170.037414] test-device authd[1112]: 2024/09/23 17:44:59 WARN rpc error: code = NotFound desc =
[  211.110262] test-device authd[1112]: 2024/09/23 17:45:40 WARN rpc error: code = NotFound desc =
[  218.550706] test-device gdm-authd][6894]: pam_unix(gdm-authd:session): session closed for user localUser
[  228.759635] test-device gpasswd[10754]: user user@example.com.com removed by root from group localsudogroup
[  228.815124] test-device gdm-authd][10519]: gkr-pam: no password is available for user
[  228.845770] test-device gdm-authd][10519]: pam_intune(gdm-authd:session): No authtok available; password policies will fail: No module specific data is present
[  228.846578] test-device gdm-authd][10519]: pam_unix(gdm-authd:session): session opened for user user@example.com.com(uid=843501783) by user@example.com.com(uid=0)
[  229.194698] test-device gdm-authd][10519]: gkr-pam: couldn't unlock the login keyring.
[  229.474606] test-device authd[1112]: 2024/09/23 17:45:58 WARN rpc error: code = NotFound desc =
[  229.475634] test-device authd[1112]: 2024/09/23 17:45:58 WARN rpc error: code = NotFound desc =
[  229.478510] test-device authd[1112]: 2024/09/23 17:45:58 WARN rpc error: code = NotFound desc =
[  230.430455] test-device authd[1112]: 2024/09/23 17:45:59 WARN rpc error: code = NotFound desc =
[  230.430945] test-device authd[1112]: 2024/09/23 17:45:59 WARN rpc error: code = NotFound desc =
[  233.491290] test-device authd[1112]: 2024/09/23 17:46:03 WARN rpc error: code = NotFound desc =
[  292.549528] test-device authd[1112]: 2024/09/23 17:47:02 WARN rpc error: code = NotFound desc =
[  293.639106] test-device authd[1112]: 2024/09/23 17:47:03 WARN rpc error: code = NotFound desc =
[  800.054959] test-device gdm-authd][10519]: pam_unix(gdm-authd:session): session closed for user user@example.com.com
[  806.670988] test-device gdm-authd][16203]: pam_intune(gdm-authd:auth): Creating auth context
[  806.673063] test-device gdm-authd][16203]: gkr-pam: unable to locate daemon control file
[  806.673148] test-device gdm-authd][16203]: gkr-pam: stashed password to try later in open session
[  806.692924] test-device gdm-authd][16203]: pam_intune(gdm-authd:session): Processing user session startup
[  806.693225] test-device gdm-authd][16203]: pam_intune(gdm-authd:session): Processed Intune policy for localUser
[  806.693254] test-device gdm-authd][16203]: pam_unix(gdm-authd:session): session opened for user localUser(uid=1000) by localUser(uid=0)
[  806.952413] test-device gdm-authd][16203]: gkr-pam: unlocked login keyring
[  807.241602] test-device authd[1112]: 2024/09/23 17:55:36 WARN rpc error: code = NotFound desc =
[  807.243971] test-device authd[1112]: 2024/09/23 17:55:36 WARN rpc error: code = NotFound desc =
[  807.245448] test-device authd[1112]: 2024/09/23 17:55:36 WARN rpc error: code = NotFound desc =
[  808.866366] test-device authd[1112]: 2024/09/23 17:55:38 WARN rpc error: code = NotFound desc =
[  810.439838] test-device authd[1112]: 2024/09/23 17:55:39 WARN rpc error: code = NotFound desc =
[  841.487858] test-device authd[1112]: 2024/09/23 17:56:11 WARN rpc error: code = NotFound desc =
[  843.301807] test-device authd[1112]: 2024/09/23 17:56:12 WARN rpc error: code = NotFound desc =
[  857.518295] test-device authd[1112]: 2024/09/23 17:56:27 WARN rpc error: code = NotFound desc =
[  868.946691] test-device authd[1112]: 2024/09/23 17:56:38 WARN rpc error: code = NotFound desc =
[  871.051558] test-device authd[1112]: 2024/09/23 17:56:40 WARN rpc error: code = NotFound desc =
[  913.922771] test-device authd[1112]: 2024/09/23 17:57:23 WARN rpc error: code = NotFound desc =
[  976.913238] test-device authd[1112]: 2024/09/23 17:58:26 WARN rpc error: code = NotFound desc =
[  976.918111] test-device authd[1112]: 2024/09/23 17:58:26 WARN rpc error: code = NotFound desc =
[ 1125.051524] test-device authd[1112]: 2024/09/23 18:00:54 WARN rpc error: code = NotFound desc =
[ 1125.056189] test-device authd[1112]: 2024/09/23 18:00:54 WARN rpc error: code = NotFound desc =
[ 1127.665010] test-device authd[1112]: 2024/09/23 18:00:57 WARN rpc error: code = NotFound desc =
[ 1127.690718] test-device authd[1112]: 2024/09/23 18:00:57 WARN rpc error: code = NotFound desc =
[ 1142.281709] test-device authd[1112]: 2024/09/23 18:01:11 WARN rpc error: code = NotFound desc =
[ 1157.148029] test-device authd[1112]: 2024/09/23 18:01:26 WARN rpc error: code = NotFound desc =
[ 1162.525703] test-device authd[1112]: 2024/09/23 18:01:32 WARN rpc error: code = NotFound desc =
[ 1169.675687] test-device gpasswd[22103]: user user@example.com.com removed by root from group localsudogroup
[ 1169.819029] test-device authd[1112]: 2024/09/23 18:01:39 WARN rpc error: code = NotFound desc =
[ 1169.819681] test-device authd[1112]: 2024/09/23 18:01:39 WARN rpc error: code = NotFound desc =
[ 1173.566618] test-device authd[1112]: 2024/09/23 18:01:43 WARN rpc error: code = NotFound desc =
[ 1173.567436] test-device authd[1112]: 2024/09/23 18:01:43 WARN rpc error: code = NotFound desc =
[ 1183.224691] test-device authd[1112]: 2024/09/23 18:01:52 WARN rpc error: code = NotFound desc =
[ 1183.225273] test-device authd[1112]: 2024/09/23 18:01:52 WARN rpc error: code = NotFound desc =

authd broker configuration

/etc/authd/brokers.d/msentraid.conf

# This section is used by authd to identify and communicate with the broker.
# It should not be edited.
[authd]
name = Microsoft Entra ID
brand_icon = /snap/authd-msentraid/current/broker_icon.png
dbus_name = com.ubuntu.authd.MSEntraID
dbus_object = /com/ubuntu/authd/MSEntraID

authd-msentraid configuration

[oidc]
issuer = https://login.microsoftonline.com/<UUID redacted>/v2.0
client_id = <UUID redacted>

[users]
# The directory where the home directory will be created for new users.
# Existing users will keep their current directory.
# The user home directory will be created in the format of {home_base_dir}/{username}
# home_base_dir = /home

# The username suffixes that are allowed to login via ssh without existing previously in the system.
# The suffixes must be separated by commas.
# ssh_allowed_suffixes = @example.com,@anotherexample.com

Double check your logs

denisonbarbosa commented 2 months ago

Hey, @namato1! Thanks for reporting this issue. Would you mind following the steps to enable the debug logs on the broker also? This can help us understand if something is going wrong on that side.

Seeing that you can authenticate with the remote user, I suspect this group listing issue could be an inconsistency/limitation of msgraph. We'll investigate the issue further!

Meanwhile, we have an updated version of authd in the authd-edge PPA, so would you mind updating to the newest version and also enabling the broker logs as I've mentioned above? Thanks again for your help!

namato1 commented 2 months ago

Hi, please see attached logs. Provided an updated log as well

snapauthd_msentra.log authdservice.log

dtx257 commented 1 month ago

Same problem here, I have 130 Azure groups on my user and I only see 100 under Ubuntu. Another user with 116 groups only sees 100 also (101 exactly with the local group equal to the user login). My logs are like yours.

Here is the command to count groups:

id -a | tr ',' '\n' | wc -l
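A stricter version of the group count above, as an added example that is not part of the original thread or the authd project: it parses the `gid(name)` pairs of `id` output so group names containing spaces are kept whole, lists expected groups that are missing, and flags the 100/101 count reported in this issue. The function names, the expected-group list and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the group list that `id` reports for a directory user.

# Constructed sample: an `id` line with a primary group plus $1 directory
# groups whose names contain spaces.
sample_id_line() {
    awk -v n="$1" 'BEGIN {
        printf "uid=5000(user@example.com) gid=5000(user@example.com) groups=5000(user@example.com)"
        for (i = 1; i <= n; i++) printf ",%d(team %d)", 6000 + i, i
        printf "\n"
    }'
}

# Print one group name per line from a full `id` output line ($1).
# Assumes group names do not contain ")" themselves.
parse_id_groups() {
    case $1 in
        *groups=*) ;;
        *) return 1 ;;          # not a full `id` line
    esac
    printf '%s\n' "${1#*groups=}" |
        grep -oE '[0-9]+\([^)]*\)' |
        sed -E 's/^[0-9]+\((.*)\)$/\1/'
}

# Number of groups (primary included) in the `id` line $1.
count_groups() {
    parse_id_groups "$1" | awk 'END { print NR }'
}

# Succeeds when the count matches the symptom reported in this thread:
# exactly 100 groups, or 101 including the local per-user group.
# This is a heuristic, not proof of truncation.
looks_truncated() {
    n=$(count_groups "$1")
    [ "$n" -eq 100 ] || [ "$n" -eq 101 ]
}

# Print every group from the newline-separated list $2 that is absent
# from the `id` line $1 (exact, whole-name comparison).
missing_groups() {
    actual=$(parse_id_groups "$1")
    printf '%s\n' "$2" | while IFS= read -r want; do
        if [ -n "$want" ]; then
            printf '%s\n' "$actual" | grep -Fxq -- "$want" ||
                printf '%s\n' "$want"
        fi
    done
}

# Demonstration on the constructed sample; on a real host pass "$(id USER)".
demo=$(sample_id_line 100)
echo "groups reported: $(count_groups "$demo")"
if looks_truncated "$demo"; then
    echo "count is 100/101: verify membership against the directory"
fi
echo "missing: $(missing_groups "$demo" "team 7
sudo admins")"
```

Comparing against an explicit list of the groups that sudoers rules depend on answers the reporter's question directly, since a raw count alone cannot show which groups were dropped.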

adombeck commented 1 month ago

@namato1, @dtx257: Thank you both for reporting this issue! We found the cause and plan to fix it soon.

dtx257 commented 1 month ago

Problem solved in version 0.3.6 edge, thanks guys. Just need to handle the gnome keychain and we're good!

adombeck commented 1 month ago

> Problem solved in version 0.3.6 edge

Right, this issue should indeed be fixed on the edge channel of the authd-msentraid snap. Thanks for confirming!

SiloReed commented 4 days ago

Shouldn't the Microsoft 365 (Unified) groups be filtered out and only Security groups be enumerated by the broker? Unified groups can't be used for security on Windows so why would they be enumerated for Linux?