Hi "getent group <name>" does not give any output at all. However "getent passwd" looks correctly up in the AD:
$ getent passwd zmir2 zmir2:*:2956636:100:Hans Schou:/home/zmir2:/bin/bash $ grep -c ^zmir2 /etc/passwd 0 nsswitch looks fine: $ egrep "^(group|passwd)" /etc/nsswitch.conf passwd: files sss group: files sss SSO is working fine with both ssh and samba share. $ realm list foo.org type: kerberos realm-name: FOO.ORG domain-name: foo.org configured: kerberos-member server-software: active-directory client-software: winbind required-package: oddjob-mkhomedir required-package: oddjob required-package: samba-winbind-clients required-package: samba-winbind required-package: samba-common-tools login-formats: %U login-policy: allow-any-login foo.org type: kerberos realm-name: FOO.ORG domain-name: foo.org configured: kerberos-member server-software: active-directory client-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-package: adcli required-package: samba-common-tools login-formats: %U login-policy: allow-realm-logins # cat /etc/sssd/sssd.conf [sssd] domains = foo.org config_file_version = 2 services = nss, pam [domain/foo.org] ad_domain = foo.org krb5_realm = FOO.ORG realmd_tags = manages-system joined-with-samba cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = False use_fully_qualified_names = False fallback_homedir = /home/%u access_provider = ad All on Red Hat 7.6. The goal is to use an AD group in a samba share but it obviously does not lookup groups in the AD, only specific users. -- Venlig hilsen - best regards
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org