One motivation: the customer demands like this...
Also: ignore Windows specific group info which is not important for the Linux domain
Also: too much groups!
If it's a sssd thing, this might be solved on the IPA-server as well since getting the AD group info is handles by sssd on the IPA-server, right?
Anyway: how to handle this issue?
Op 23-11-15 om 10:54 schreef Martin Kosek:
On 11/23/2015 10:50 AM, Winfried de Heiden wrote:Hi all,For some reason, we only want to use the Active Directory user from an Active Directory using a Trust. (groups like "Domain Users" are of no use...) Is it possible to ignore (hide) ALL groups from a particular Domain (trust)/ Kinds Regards, WinnyThis looks as a question for the client part (SSSD). I do not fully understand the use case, you want to allow AD user to authenticate to Linux box, but you do not want the Linux box to see any of the AD groups? What is the motivation, if I may ask?
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project