SSSD not returning all members from AD groups containing more than 1500 members

Solution Verified - Updated -

Issue

  • Certain members of an AD group fail to authenticate whereas other members of the same group can authenticate.
  • The getent command does not return all members of the AD group.

    # getent -s sss passwd LinuxUsers
    
  • Secondary groups are not listed when the id command is run to display the groups, a user belongs to.

Environment

  • Red Hat Enterprise Linux (RHEL) 9.y
  • SSSD
  • Direct integration with Microsoft Active Directory (AD)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content