There is going to be a new feature in nss, called group merging.
group: files [SUCCESS=merge] sss
If you put something like this in nsswitch.conf it will first lookup group in /etc/groups, then in sssd domains and the result will be merged. This however contradicts with recent change in order where sssd is searched first because it now supports files provider. We do have to implement this ourselves somehow.
The reasoning behind this can be found here:
Metadata Update from @jhrozek:
- Issue priority set to: blocker (was: minor)
- Issue set to the milestone: SSSD 2.0
to comment on this ticket.
Copyright © 2014-2018 Red Hat
4.0.3 — Documentation