Hi and thank you,
I’ve enabled debug on the IPA server, to me it looks like it’s trying to lookup
the account in AD (testu...@corp2.ad2.test.net) but ends up looking for the
username at the IPA-domain in the end?
sssd_idm.test.net.log: https://pastebin.com/Az9kyiaK
sssd_nss.log: https://pastebi
If the trust was added successfully and IPA servers were promoted to
Trust Controllers or Trust Agents with ipa-adtrust-install then you
followed the necessary setup steps.
The 's2n' log messages are client-specific requests made to the IPA
server for AD trust user and group information. These