Learn more about these different git repos.
Other Git URLs
The tokenGroups attribute only returns the correct group-memberships then the Global Catalog and the user are coming from the same domain. Lookups for users from other domains in the forest may return incomplete or wrong results.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1033096
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1033096 1033096]
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.11.3
owner: somebody => sbose status: new => assigned
patch: 0 => 1
resolution: => fixed status: assigned => closed
changelog: => The AD provider is able to resolve group memberships for groups with Global and Universal scope. The initgroups (get groups for user) operation for users from trusted AD domains was mode reliable by reading the required tokenGroups attribute from LDAP instead of Global Catalog
Metadata Update from @sbose: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.11.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3203
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.