On la, 03 helmi 2018, Борис Сухинин via FreeIPA-users wrote:
I'm having trouble with group membership and one-way FreeIPA to AD
trust. It seems IPA does not update LDAP compat tree entry for a group
when there are external users present. Also it "getent group" sometimes
shows outdated members list.
This is known issue, fixed in a recent slapi-nis release. A solution
relies on a new API provided by SSSD in Fedora 27/RHEL 7.5beta, so you'd
need to wait a bit when all new versions will get into the released
distribution versions.

/ Alexander Bokovoy
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to