[Freeipa-users] Can an Active Directory domain be the default domain?
David Guertin
guertin at middlebury.edu
Mon Apr 13 14:23:08 UTC 2015
In our newly-setup IPA environment, users can log in to RHEL clients
with the username <username>@addomain. This works, but I've run into a
problem with some RHEL 5 clients that are Apache servers -- the Apache
UserDir mappings no longer work. Many of the users have web pages served
from the public_html directory in their home directory. With our old NIS
configuration, the URL is of the form http://hostname/~username. With
the new IPA configuration, these URLs no longer work; the web pages are
now found in http://hostname/~username@addomain.
I can think of several ways to approach this problem, but my first
thought is to have IPA recognize the AD domain as the default domain, so
that our users could log in with <username> instead of
<username>@addomain, and the existing URLs will work. Is this possible?
I was looking at the auth_to_local setting in /etc/krb5.conf, but I
couldn't figure out what to do with it.
Thanks,
David Guertin
More information about the Freeipa-users
mailing list