Hi, > sssd version: 1.16.1
This is really way too old. Can you reproduce an issue with a more modern (2.9+) sssd version? On Fri, Dec 6, 2024 at 12:59 AM Bob Green via sssd-devel < [email protected]> wrote: > sssd correctly identifies that an account is a member of a large 1501+ > member AD group via "id <account>". However getent group > <1501+_member_group> does not list the account. Only the first 1500 > members are displayed. Is this a limitation of getent group ? Or is > there a way to configure sssd to display all group members via getent > group <group>? > > AD groups are not nested. > OS: SUSE Linux Enterprise Server 12 SP5 > sssd version: 1.16.1 Release: 7.65.1 > > # cat /etc/sssd/sssd.conf > [sssd] > services = nss, pam > config_file_version = 2 > domains = DOM.CORP.COM > > [domain/DOM.CORP.COM] > entry_cache_timeout = 14400 > refresh_expired_interval = 10800 > cache_credentials = true > id_provider = ad > auth_provider = ad > access_provider = simple > dyndns_update = false > full_name_format = %1$s > use_fully_qualified_names = false > ldap_referrals = false > ldap_id_mapping = false > ldap_disable_range_retrieval = false > ldap_force_upper_case_realm = true > ldap_group_nesting_level = 0 > ldap_use_tokengroups = false > ldap_search_base = OU=my_ou,DC=dom,DC=corp,DC=com > krb5_canonicalize = false > krb5_validate = false > > Thanks, > Bob > -- > _______________________________________________ > sssd-devel mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ sssd-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
