Restrict OS login

Article ID: 275559

Updated On:

Products

CA API Gateway

Issue/Introduction

Configuring a new version 11.0 VMware appliance.

OS authentication with Active Directory/LDAP is configured and functioning. However, any user with a valid ID can log in. I need to restrict this to certain users/groups.

I attempted to use the simple_allow_users and simple_allow_groups directives in sssd.conf, but they don't seem to have any effect.

How do I restrict logins to only certain AD users or groups?

Environment

Release : 11.0

Resolution

To allow only a specific group of users to log in, configure the user search filter in sssd.conf as shown below:

ldap_user_search_base = DC=<BaseDN>?subtree?(CN=<groupName>)

Excerpt from sssd.conf:

#Domain Section and Server Details
[domain/ldap]
ad_server = <Domain_controller_Name>
ad_domain = <WindowsActiveDirectoryName>
krb5_realm = <KERBEROS_REALM>
krb5_keytab = /home/ssgconfig/<keytab_name>.keytab
id_provider = ad
.
.
ldap_search_base = <BaseDN>
# Format is base?scope?filter: the filter after the second "?" limits which users are found
ldap_user_search_base = DC=<BaseDN>?subtree?(CN=<groupName>)
.
# Verbose logging, useful while verifying the login restriction
debug_level = 9
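The check below is an added example, not part of the original article or the product: it parses the base?scope?filter value used in the resolution and reports when a domain section has no user filter or when the value is malformed. The base DN example.com, the name gw-admins and the function names are assumptions made for illustration.

```python
import configparser

VALID_SCOPES = {"base", "onelevel", "subtree"}

def balanced(flt):
    """True if the filter is wrapped in parentheses and they balance."""
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0 and flt.startswith("(") and flt.endswith(")")

def parse_search_base(value):
    """Split 'base?scope?filter[?base?scope?filter...]' into triples."""
    parts = [p.strip() for p in value.split("?")]
    if len(parts) == 1:  # bare base DN: default scope, no filter
        return [(parts[0], "subtree", "")]
    if len(parts) % 3:
        raise ValueError("expected base?scope?filter, got %r" % value)
    triples = []
    for base, scope, flt in zip(parts[0::3], parts[1::3], parts[2::3]):
        if not base or scope.lower() not in VALID_SCOPES:
            raise ValueError("bad base or scope in %r" % value)
        if flt and not balanced(flt):
            raise ValueError("malformed filter %r" % flt)
        triples.append((base, scope.lower(), flt))
    return triples

def lint_domain(conf_text, section):
    """Return a list of findings for one [domain/...] section."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    dom, findings = cp[section], []
    raw = dom.get("ldap_user_search_base") or dom.get("ldap_search_base", "")
    try:
        triples = parse_search_base(raw)
    except ValueError as exc:
        return ["user search base: %s" % exc]
    if any(not flt for _, _, flt in triples):
        findings.append("no user filter: every user under the base resolves")
    # General SSSD behaviour (not from the page): simple_allow_* needs access_provider = simple.
    if any(k.startswith("simple_allow_") for k in dom) and dom.get("access_provider") != "simple":
        findings.append("simple_allow_* set but access_provider is not simple")
    return findings

# Constructed sample values; example.com and gw-admins are placeholders.
FILTERED = "[domain/ldap]\nid_provider = ad\nldap_user_search_base = DC=example,DC=com?subtree?(CN=gw-admins)\n"
UNFILTERED = "[domain/ldap]\nid_provider = ad\nldap_search_base = DC=example,DC=com\nsimple_allow_groups = gw-admins\n"
```

Calling lint_domain on the text of a real sssd.conf with the section name domain/ldap returns an empty list when the user search base carries a well-formed filter; elision lines such as "." must be removed from the text first.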