Learn more about these different git repos.
Other Git URLs
The tokenGroups attribute only returns the correct group-memberships then the Global Catalog and the user are coming from the same domain. Lookups for users from other domains in the forest may return incomplete or wrong results.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1033096
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1033096 1033096]
milestone: NEEDS_TRIAGE => SSSD 1.11.3
owner: somebody => sbose
status: new => assigned
patch: 0 => 1
resolution: => fixed
status: assigned => closed
changelog: => The AD provider is able to resolve group memberships for groups with Global and Universal scope.
The initgroups (get groups for user) operation for users from trusted AD domains was mode reliable by reading the required tokenGroups attribute from LDAP instead of Global Catalog
Metadata Update from @sbose:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.11.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.