Red Hat Security Advisory 2013-0663-01 - SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides NSS and PAM interfaces toward the system and a pluggable back end system to connect to multiple different account sources. When SSSD was configured as a Microsoft Active Directory client by using the new Active Directory provider, the Simple Access Provider did not handle access control correctly. If any groups were specified with the "simple_deny_groups" option, all users were permitted access.
dead9317699f5089b93d69eff067de302f0ed4046e9544a10ea4072f333332b9