Red Hat IdM: How to avoid all Active Directory (AD) groups to be listed.

Solution Verified - Updated -


  • You have a large number of groups assigned to (some) of your users in Active Directory (AD) and want to avoid all those users to be listed in Linux.
  • Login via SSH with some user from Active Directory (AD) takes very long, due to SSSD has to query a large number of groups.


  • Red Hat Enterprise Linux (RHEL) 7.x
  • Red Hat Identity Management (IdM) 4.x
    (connected to Microsoft Active Directory (MS AD))

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In