Hi Lukas/Pavel,

SSSD is now working correctly for us. Following changes were done:

1. We had to add "ldap_use_tokengroups = False" in sssd.conf file. This got rid of the SID's and now only the GID/group name is retrieved.

2. I believe the reason 'id' only pulled gid's for some groups without the names was probably because sssd was still keeping hold of the old cache. I had to manually drop the cache file (/var/lib/sss/db) and then restart sssd service. After this, the id command displays the data correctly. Had tried sss_cache -E but that didn't flush the cache it seems..

Thanks again for all the help.

~ Abhi

On Wed, Aug 26, 2015 at 12:55 AM, Lukas Slebodnik <lslebodn@redhat.com> wrote:

On (25/08/15 16:24), Abhijit Tikekar wrote:
>my bad.. yes.. that was because of sanitization.. Here is the complete
>sssd.conf.
>
>Log file after debug level 9 is big and exceeds the mailing list limits. Is
>it okay to send it to you directly?
>
Sure.

LS
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users