After enabling 'files' domain for fetching sudo-rules from IPA for local users, 'id ipauser' does not show secondary groups

Solution Verified - Updated -


# id ipauser
uid=12345(ipauser) gid=12345(ipauser) groups=12345(ipauser)

This issue is not observed with proxy domain.

  • After enabling 'files' domain in sssd.conf on IPA client , secondary groups go missing for IPA users.


  • Red Hat Enterprise Linux 7
  • SSSD
  • sudo
  • Configuration: id_provider = files

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content