SSSD 1.16.5, centos 7
For domain joined Linux systems, I have to manually set their uidNumber or uid AD attribute to their Linux UID so that users can write on world-writable NFS shares.
uid/uidNumber empty, domain users cant write.
Something is missing from the sssd.conf but I thought this was supposed to take care of this UID mapping that I need:
ldap_id_mapping = True
sssd.conf
[sssd]
domains = <NAME.COM>
config_file_version = 2
services = nss, pam
[domain/<NAME.COM>]
ad_domain = <NAME.COM>
krb5_realm = <NAME.COM>
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
auth_provider = ad
access_provider = simple
chpass_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
ldap_idmap_autorid_compat = true
ldap_idmap_default_domain_sid = <SID of Domain here>
use_fully_qualified_names = false
fallback_homedir = /home/%u