We have got trusted domain ( default domain: example.com and trusted domain: test.com) users cannot login into SLES 15 user by using SSSD.Here is the configuration file sssd.conf created
[sssd]
config_file_version = 2
services = nss, pam
domains = example.com, test.com
debug_level = 9
[nss]
[pam]
[domain/example.com]
ad_domain = example.com
krb5_realm = EXAMPLE.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = False
fallback_homedir = /home/%u
access_provider = ad
simple_allow_groups = hecad
auto_private_groups = false
ldap_user_gecos = mail
debug_level = 9
[domain/test.com]
ad_domain = test.com
krb5_realm = TEST.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = False
fallback_homedir = /home/%u
access_provider = ad
simple_allow_groups = trust_group
auto_private_groups = false
ldap_user_gecos = mail
debug_level = 9
Please let me know,any solution to support multiple AD forest by using sssd in SLES 15 operating system