[SSSD-users] Re: sssd.conf sections only work if they reflect existing AD domain, why?

3 Sep 2018


      Thanks a lot, it works.  Changed
simple_allow_groups = Simple Users(a)FOOBAR.GLOBAL
to
simple_allow_groups = Simple Users(a)FOOBAR_NOLOGIN.GLOBAL
and it works as intended.
One thing to keep in mind: These AD users must now be referenced in Linux (e.g. in /etc/sudoers) not by their AD domain of origin but by their sssd section domain, e.g simpleuser@FOOBAR_NOLOGIN.GLOBAL.
For simplicity I also changed the other sssd section to [domain/FOOBAR.GLOBAL], and works fine.
Many thanks for your assistance.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

[SSSD-users] Re: sssd.conf sections only work if they reflect existing AD domain, why?