Hi all, thanks for your time. I have a question regarding to the 'ldap_idmap_range_max = 2000100000'. I have users with UIDs and GIDs closely to the max range available. How I can prevent to maintain under this max range? or There's any other solution to restrict the sssd configuration to only retrieve users and groups from an AD ?. I already tried with "ad_access_filter = (memberOf=cn=admins,ou=Testou,dc=example,dc=com)". (Ubuntu 14.04 LTS)