All, For RHEL7 and RHEL8 sssd, it can see domain-local AD groups (from the local domain) + global groups (from the local domain) + universal groups (from all trusted domains).
Yet it cannot see global groups from non-local trusted domains. We have those team convert the group to universal groups and problem solved. (don't use many global groups anyway), Is this expected behaviour? in the /etc/sssd/sssd.conf file, the local domain is defined and then the other trusted domains are auto-discovered. so that it's searching the GC to find universal group memberships. I mention the trusted domains in "domain_resolution_order". Like I say -- this is not a big problem. We rarely use global groups anyway. Just curious if this is expected behaviour. Spike
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
