Learn more about these different git repos.
Other Git URLs
When the server mode is enabled, the first id(1) invocation sometimes includes Domain Users, while the next lookup does not. This may be related to SSSD filtering out built-in groups and it's inconsistent.
The bug only affects Domain Users. The problem is that while Domain Users is present in the TokenGroups and the PAC, it doesn't have any members in LDAP. In the AD provider, we were able to work around the issue as the primary GID is Domain Users, too, but the subdomains are MPG domains currently, so this workaround doesn't apply.
summary: Group memberships removed in subsequent lookups in server_mode => Domain Users memberships removed in subsequent lookups in server_mode
milestone: NEEDS_TRIAGE => SSSD 1.11 beta 3
priority: major => minor
rhbz: => 0
patch: 0 => 1
resolution: => fixed
status: new => closed
Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.11.0
to comment on this ticket.