SSSD in IPA/AD cross-forest trust setup is unable to resolve user groups

Solution Verified - Updated -

Issue

  • The id command does not correctly show all the groups for the given user
  • The getent group <AD group> command does not list a user as a member of the group

Environment

  • Red Hat Enterprise Linux 7
  • Identity Management / Active Directory in cross-forest trust setup
  • SSSD

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content