Hi,

we use an Active Directory (Server 2012) and a FreeIPA 4.5.4 installation. FreeIPA runs under Centos 7, sssd version is sssd-1.16.0-19.el7.x86_64. Between AD and FreeIPA we have set up a one-way trust. For some AD users, we have set up a uid override under "Default Trust View" in FreeIPA. This overwrite is regularly lost on the FreeIPA server. If we clear the sssd cache (systemctl stop sssd; rm -rf /var/lib/sss/{db,mc}/*; systemctl start sssd), the override takes effect again. Here is a history for today:

2018-07-03 10:55:01
2018-07-03 11:05:01
2018-07-03 11:06:01
2018-07-03 11:10:01
2018-07-03 11:12:01
2018-07-03 11:15:01
2018-07-03 11:29:01
2018-07-03 11:31:01
2018-07-03 11:34:01

As you can see, there is no periodicality, from yesterday to today it runs for about 11h without problems, and today since 11:34

How can fix the problem?

Michael