We're running into the Self Service bug with LDAP-user-scoped groups where policies sometimes return the "item is no longer available" error. This is causing a lot of issues with our technicians, since LDAP-gating is required for device provisioning and other security-sensitive policies.
I am looking into options to bypass LDAP scoping and restrict policies another way. Has anyone come up with a method to authenticate an AD user in a bash script? I just need to validate the user's credentials against AD, and the system is not bound to AD yet.
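One way to do the credential check asked about above, as an added example that is not part of the original post: an LDAP simple bind as the user, which needs no AD binding on the machine. It assumes the OpenLDAP `ldapsearch` client is installed and a domain controller is reachable over LDAPS with a certificate the client trusts; the function name, `dc01.example.com` and `tech@example.com` are hypothetical placeholders.

```bash
#!/bin/bash
# Added example: validate AD credentials with an LDAP simple bind.
# Hypothetical usage (placeholders, not from the post):
#   ad_check_credentials "ldaps://dc01.example.com" "tech@example.com" "$password"
# Returns 0 = credentials accepted, 1 = rejected, 2 = could not determine.
ad_check_credentials() {
    local uri="$1" upn="$2" password="$3" pwfile rc=0

    # Only allow LDAPS so the password never crosses the network in clear text.
    case "$uri" in
        ldaps://*) ;;
        *) echo "refusing non-LDAPS URI: $uri" >&2; return 2 ;;
    esac

    # An empty password turns a simple bind into an "unauthenticated bind",
    # which a directory server may answer with success. Reject it up front.
    if [ -z "$upn" ] || [ -z "$password" ]; then
        return 1
    fi

    # Hand the password over in a temp file (-y) instead of -w, so it does
    # not show up in the process list. mktemp creates the file mode 0600.
    pwfile="$(mktemp)" || return 2
    printf '%s' "$password" > "$pwfile"   # no newline: -y uses the whole file

    # Bind as the user and read only the rootDSE; the bind result is the answer.
    ldapsearch -x -LLL -H "$uri" -D "$upn" -y "$pwfile" \
        -o nettimeout=5 -b "" -s base "(objectClass=*)" dn \
        >/dev/null 2>&1 || rc=$?
    rm -f "$pwfile"

    case "$rc" in
        0)  return 0 ;;   # bind succeeded
        49) return 1 ;;   # LDAP invalidCredentials
        *)  return 2 ;;   # unreachable server, TLS failure, other error
    esac
}
```

Treat status 2 as a denial in the calling policy script, and collect the password with a non-echoing prompt rather than a script argument.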