Hi,
Is it really the intended behaviour of the sssd LDAP backend (I am
running the current code from the master branch) to only return the group
members that are already cached in sysdb and to silently ignore
everything else? E.g. when I start sssd with empty caches and do a
"getent group <random-ldap-group>" I will only get back the group without
any members. Somehow I think this can't be intended :)
I have started working on a patch to let sssd look up the non-cached
users via LDAP (and save them into the cache). Find it attached. Note:
That patch is not really complete (e.g. it doesn't handle rfc2307 groups
correctly). But before putting more effort into this I like to make sure
that I am not trying to fix a "feature" here.
--
regards,
Ralf