Hi, Is it possible to have groups fetched from LDAP while still having `ad` as the id_provider?
The reason to do this is the following: Historically, our organization has had all linux machines to get its id data from LDAP. But now with NFSv4, we are joining the machines to AD, while still using id_provider=ldap and getting our groups from our ldap server. This works well. The challenge came when now we have to use certificate-based authentication. The certificates are in AD, and so far it has only worked when I had id_provider=ad. If I could still fetch the groups from ldap, that would be a win-win, as we still could use NFSv4 while being able to use certificate-based authentication. Any tips here? Best, Francis _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue