Description:sssd-2.4.0+ makes use of the lightweight UPD connnectionless LDAP (cldap) in openldap. Without this feature enabled, sssd-2.4.0+ is now longer able to retrieve use groups, ids and permissions from LDAP or Active Directory. I initially create a ticket for sssd, but they recommended rebuilding libldap with cldap enabled. Doing so resolved the issue. This even causes issues with packages like libvirt because the system can no longer resolve the ldap/AD groups.


Additional info:
* package version(s) - libldap 2.4+
* config and/or log files etc - in upstream bug report
* link to upstream bug report, if any - https://github.com/SSSD/sssd/issues/5391

Steps to reproduce:
1. Install openldap, libldap & sssd for the arch repositories
2. Set up sssd to allow for active directory/ldap authentication
3. Login with active directory/ldap account
4. Attempt to retrieve use groups (id <username>)

Steps to resolve:
Rebuild openldap/libldap with connectionless LDAP support by adding CFLAGS="${CFLAGS} -DLDAP_CONNECTIONLESS" to PKGBUILD in the build subsection before the make command