In Solaris 10 given the following situation:
user_a (uid 1555) has a default group group_a(gid 1000) and another couple of groups it belongs to called group_b(gid 1001) and group_c(gid 1002)
user_b (uid 1556) has a default group group_b(gid 1001)
/etc/passwd looks like:
user_a:x:1555:1000:test user a:/home/user_a:/bin/bash
user_b:x:1556:1001:test user b:/home/user_b:/bin/bash
/etc/group looks like:
group_a::1000:
group_b::1001:user_a
group_c::1002:user_a
/usr/bin/groups user_a
returns
group_a group_b group_c
In this situation every time puppet runs it is trying to add a group
/User[user_a]/groups: groups changed 'group_b,group_c' to 'group_a,group_b,group_c'
/User[user_b]/groups: groups changed '' to 'group_b'
When really the groups are already setup correctly.
It looks like the way group membership is reported in solaris is not using the groups command but is rather parsing /etc/group?
I have not gone code diving, but this is my assumption.
