AD: Add user as a direct member of his primary group

In the AD case, deployments sometimes add groups as parents of the
primary GID group. These groups are then returned during initgroups
in the tokenGroups attribute and member/memberof links are established
between the user and the group. However, any update of these groups
would remove the links, so a sequence of calls: id -G user; id user; id
-G user would return different group memberships.

The downside of this approach is that the user is returned as a group
member during getgrgid call as well.

0 files changed, 0 insertions, 0 deletions