Hide Forgot
Description of problem: This bugzilla tracks the upstream ticket https://fedorahosted.org/sssd/ticket/2751 It's required to fix to process some GPO files from Windows. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Upstream ticket: https://fedorahosted.org/sssd/ticket/2751
Michal, can you add some steps to reproduce?
Steps to reproduce: 1. configure SSSD as AD client with enforced GPO access control. Add this line to the domain section in sssd.conf ad_gpo_access_control = enforcing 2. Create user1 in AD 3. create a GPO for access control on the AD server. The GPO must apply to the client machine and allow login for user1. The GPO ini file must contain line with no equal sign. For example add this as the last line in the GPO ini file foo,"2" 4. try to login as user1 from AD Current result: Access for user1 is denied. Expected result: user1 should be able to login.