ldap_group_object_class = top is not the right choice, it matches /all/ objects by default, why not use 'group' ?
See https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server Or the version for the AD provider: https://fedorahosted.org/sssd/wiki/Configuring_sssd_with_ad_server I hope this helps. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1317268 Title: ldap_group_object_class = top fails to reutrn group information To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1317268/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
