[Freeipa-users] One way Trust with AD with ID Views for Groups is not working as expected

What I have: AD Domain: Example.com IPA Domain lx.example.com CentOS 7.9 sssd 1.16 IPA is a master a 2 replicas. All the machines have the following configuration: Max domain level: 1 Enabled server roles: CA server, IPA master, DNS server, NTP server, AD trust agent, AD trust controller We use ID Views for both Users and Groups in AD. Our issues are with the ID Views for the groups. We constantly get the following error: /usr/bin/id: cannot find name for group ID XXX The XXX is the GID defined in the ID View of the user. The problem is resolved if I do one of the following: =============================== [username@ipa_client]: cd /home ls -lrt =============================== OR getent group <GID> OR getent group <ID View groupname> OR getent group <ad_groupname@domain> Of course, the issue is returning when cache is expired or when a **new** user that has the same primary GID tries to login on a server. What kind of information would you need in order to help me to solve this issue?