How to configure SSSD to show only primary group for AD user in 'id' output and ignore secondary groups.

Solution Verified - Updated -

Issue

  • How to make sure that SSSD doesn't show secondary AD groups and only primary group is visible in 'id' output.
  • RHEL system is joined to AD domain, how do I make sure that only primary AD group is visible for the AD user and secondary groups go missing with ldap_id_mapping = True setting?

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • SSSD

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content