Sorry, forgot to mention. Already done this. Here is my sssd.conf [sssd] domains = AD.DOMAIN.EXAMPLE config_file_version = 2 services = nss, pam, sudo
[domain/AD.DOMAIN.EXAMPLE] ad_domain = AD.DOMAIN.EXAMPLE krb5_realm = AD.DOMAIN.EXAMPLE realmd_tags = manages-system joined-with-adcli cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = False fallback_homedir = /opt/home/%u access_provider = simple ad_enable_dns_sites = false ad_server = AD.DOMAIN.EXAMPLE krb5_server = AD.DOMAIN.EXAMPLE simple_allow_groups = Developers @AD.DOMAIN.EXAMPLE debug_level = 9 [sudo] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
