Public bug reported: As per the sssd man page, the configuration from secondary configuration files in /etc/sssd/conf.d/ folder take precedence over the /etc/sssd/sssd.conf file settings.
Accordingly, if you have the below in /etc/sssd/sssd.conf simple_allow_users = userA and below in /etc/sssd/conf.d/test.conf simple_allow_users = userB only 'userB' will have the permission to login. This has been tested and verified. But when you list the permitted-logins using the command "realm list", it will always list the below entries from the /etc/sssd/sssd.conf "simple_allow_users" parameter no matter if it was overridden by same parameter from file in /etc/sssd/conf.d/ permitted-logins: userA This information returned by 'realm list' is incorrect and misleading. If I change the /etc/sssd/sssd.conf entry to below and restart sssd service, "realm list" will update accordingly. simple_allow_users = userC Tested package versions: sssd - 2.9.4-1.1ubuntu6.2 realmd - 0.17.1-3build2 Bug is reported here as well: https://gitlab.freedesktop.org/realmd/realmd/-/issues/43 ** Affects: realmd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2119081 Title: ssd and realm - not able to list effective simple_allow_users from secondary configurations under /etc/sssd/conf.d/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/2119081/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
