+++ This bug was initially created as a clone of Bug #1217559 +++
This bug is created as a clone of upstream ticket:
We decided to deny access to fix crash in ticket #2629.
It was short time solution for GPOs from different domain controller.
@see details in thread https://lists.fedorahosted.org/pipermail/sssd-devel/2015-April/023279.html
Created attachment 1132144 [details]
Manually verified against sssd-1.13.3-15.el6.x86_64, full logs attached.
Connection closed by 192.168.76.3
Last login: Tue Mar 1 23:41:15 2016 from 192.168.71.16
[email@example.com@sssdqe1 ~]$ hostname
#### config file
config_file_version = 2
services = nss, pam
domains = domain.com
default_shell = /bin/bash
debug_level = 0xFFF0
id_provider = ad
ad_domain = domain.com
cache_credentials = True
krb5_store_password_if_offline = True
use_fully_qualified_names = True
fallback_homedir = /home/%d/%u
ad_gpo_access_control = enforcing
access_provider = ad
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.