hi, reposting with zipped log.
we have a trust between an AD forest (2016) and an RHEL 7 Idm environment. We have this ad group: $ ipa group-show d-xxx-platform-admins Group name: d-xxx-platform-admins Description: AD d-xxx-platform-admins External member: [email protected] Member of groups: xxx-platform-admins When I run the command getent group xxx-platform-admins on the kdc, I get the full list of users in the AD group: $ getent group xxx-platform-admins xxx-platform-admins:*:1679450504:[email protected],[email protected] ,[email protected],[email protected],[email protected],[email protected] ,[email protected],[email protected],[email protected],[email protected] ,[email protected],[email protected],[email protected],[email protected] ,[email protected],[email protected],[email protected] but on the idm client: # getent group xxx-platform-admins xxx-platform-admins:*:1679450504:[email protected],[email protected] Attached the sssd_nss.log with debuggging enabled. Thanks in advance. -- regards, Natxo
sssd_nss.log.gz
Description: GNU Zip compressed data
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
