I think the very strange behaviour was due to the fact that I did not have a name for the gid in AD. As a workaround, I removed the gid from the override (and let IPA generate one). The interesting part was that getent did assign the username to the respective gid (therefore both getent group commands were successful). I do not know if there is any other alternative apart from adding a name for all GIDs in Active Directory in order to have the gid override working properly (if I define a POSIX group in IPA for the AD trust group, it does not work).