Not all group memberships are shown for a user after a login to a machine that is enrolled in AD.

Solution Verified - Updated -

Issue

  • A machine is directly enrolled into a Windows Active-Directory domain
  • After a user login, 'id' does not show all the Windows groups the user is a member of
  • When host-based access control is in place which is based on group -memberships, this can even prevent users to login

Environment

  • Red Hat Enterprise Linux
  • System Security Services Daemon (sssd)
  • Client machine directly enrolled into Active-Directory

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.