Steps:
left realm, joined realm as user1, added debug_level and ad_server to sssd.conf (it seems to hang when it runs into a dead ad_server), restarted nssd.
I ran an id on user1, it returned data. No data for user2.
I then cleared cache using: sss_cache -E, id'ed user1 again and data was returned. Still no data for user2.
[sssd]
config_file_version = 2
services = nss, pam
debug_level = 9
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad
Logs:
sssd_nss is ~700 of the following lines:
(Thu Aug 31 09:21:05 2017) [sssd[nss]] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
sssd_example.com.log (attached).