> On Apr 5, 2018, at 3:22 PM, Jakub Hrozek wrote:
>
>
>
>> On 5 Apr 2018, at 19:56, Max DiOrio wrote:
>>
>> I’m guessing someone was thinking that the group lookup was case sensitive
>> and entered it both ways to rule that out.
>
> I wonder if you
> On 5 Apr 2018, at 19:56, Max DiOrio wrote:
>
> I’m guessing someone was thinking that the group lookup was case sensitive
> and entered it both ways to rule that out.
I wonder if you know how did they manage to put the duplicate entries into AD?
I tried with ADSI edit
I fixed it. Here’s more from the sssd_domain log. A single line revealed the
issue. When storing the DevTest rule it said a value is provided more than
once. When I looked at the entry in AD, the attribute sudoUser had the same
group entered twice. Once as %GS-Technology, once as
I've got a few dozen servers using SSSD to authenticate and retrieve SUDO
rules stored in AD and GPO. Everything works perfectly except for a new
RHEL 6.8 server I brought up. sssd version 1.13.3 on both the working 6.8
and non-working 6.8 server. I literally copied the nsswitch, sssd.conf and