AD users can login, AD group members cannot sssd

Issues related to configuring your network
Post Reply
Posts: 8
Joined: 2019/10/09 13:49:42

AD users can login, AD group members cannot sssd

Post by araczek » 2022/01/09 18:02:00

On a test setup with Windows 2019 and Centos 7 I am trying to get users on the Linux machines to login to AD via group membership
and it is not working. I basically followed instructions at this link: ... directory/

Note by login I am taking about console login and not SSH login (yet).I successfully added the Linux machine to AD, logged into the AD domain successfully via Linux as AD 'administrator' and also a normal user created in AD. Removed permitted logins (realm deny --all) and added an AD group called 'centaccess'. Restarted sssd. No user in the 'centaccess' group can login to the console but as an individual can login.

I also tried to permit just one user from AD and it worked fine. I just can't get users in a group to be able to login to the console. I also tried removing the need for FQDN, no luck.

What am I missing?

Post Reply