Hi All -


I was tasked with setting up several RHEL 7.5 flex license servers. the Linux is week with this one

I prefer to join my AD domain for user management and share access.

Domain join went fine, and I can see the server in AD:

ad.test.com
type: kerberos
realm-name: AD.test.COM
domain-name: ad.test.com
configured: kerberos-member
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
login-formats: %U@ad.test.com
login-policy: allow-permitted-logins
permitted-logins: licenseadmin@ad.test.com
permitted-groups:






[sssd]
domains = ad.test.com
config_file_version = 2
services = nss, pam


[domain/ad.test.com]
ad_domain = ad.test.com
krb5_realm = AD.test.COM
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = simple
simple_allow_users = licenseadmin


I try to look up an ID i get this:

id licenseadmin@ad.test.com
id: licenseadmin@ad.test.com: no such user

Obviously licenseadmin cannot log in...

What did I miss? I would be happy to provide more logs if needed.

Thanks!

Wrek