Disclaimer: I did not follow this thread closely. On 07/08/2018 08:06 PM, Spike White wrote:
Yes, most of the groups missing when I set 'ldap_use_tokengroups = true' are universal groups.
I vaguely remember that Volker said something about this in his FOSDEM talk: https://fosdem.org/2018/schedule/event/samba_authentication_authorization/ See slide 12 of his presentation especially: "Domain Controllers calculate membership at login time" This could be the cause of your issues. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/FPJ56S2WUHS7ATPICIYU37AI2TA4NOL4/
