> > > IMO, work-arounds could be: > 1) trigger "by name" look up first (e.g. ssh) > 2) using `ldap_idmap_default_domain_sid` option to "bind" domain to a > fixed slice (0). IIUC, this should pre-populate id mapping. > But please be careful with it, as this result in a *new* UIDs generated > for all objects in this domain (since currently this domain clearly maps to > a non-zero slice) > > JFTR: this meant to be "OR".
Perhaps you could trigger such a lookup by placing `getent -s sss passwd user1` somewhere in a startup script (after sssd started). Copying cache file feels error prone....
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
