Hi!

OS: Ubuntu 16.04, SSSD: 1.13.4

I'm seeing something that has me wondering if I have misunderstood anything. (quite possible)

I have a multi-domain Active Directory forest. I have a client connected to subdomain1 using SSSD and can do ID queries in both subdomain1 and subdomain2.

If I have a user with a username that only exists in one of these domains then there is no problem.

But if I have a user that exists with the same userid in both domains then the queries look strange to me.
It seems that the first query gets cached and reused when querying the same userid in the other domain.

For example. Query user 'simpleuser@subdomain1.domain.tld'. When I query 'simpleuser@subdomain2.domain.tld' I get the same result as the first query where it should be different.

I'm using 'default_domain_suffix' in the [sssd] section of sssd.conf, which adds 'use_fully_qualified_names'.
I thought these settings would help but I can't see any changes.

What am I missing?

This is for me not a big problem, but we do have some use cases where the same userid can exist on both subdomains.