Support for AD users from different forests with sssd-ad provider

Solution Verified - Updated -


  • Linux Client is directly enrolled into Windows AD domain.
  • The domain belongs to AD forest A, but another forest B exists too.
  • Users from root and subdomains of the forest B should be able to log in into the system using SSSD and their identity and group membership should be resolvable.


  • Red Hat Enterprise Linux
  • SSSD with AD provider

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In