[Freeipa-users] Can an Active Directory domain be the default domain?
Jakub Hrozek
jhrozek at redhat.com
Mon Apr 13 14:28:22 UTC 2015
On Mon, Apr 13, 2015 at 10:23:08AM -0400, David Guertin wrote:
> In our newly-setup IPA environment, users can log in to RHEL clients with
> the username <username>@addomain. This works, but I've run into a problem
> with some RHEL 5 clients that are Apache servers -- the Apache UserDir
> mappings no longer work. Many of the users have web pages served from the
> public_html directory in their home directory. With our old NIS
> configuration, the URL is of the form http://hostname/~username. With the
> new IPA configuration, these URLs no longer work; the web pages are now
> found in http://hostname/~username@addomain.
>
> I can think of several ways to approach this problem, but my first thought
> is to have IPA recognize the AD domain as the default domain, so that our
> users could log in with <username> instead of <username>@addomain, and the
> existing URLs will work. Is this possible?
>
> I was looking at the auth_to_local setting in /etc/krb5.conf, but I couldn't
> figure out what to do with it.
>
> Thanks,
> David Guertin
Have you seen the default_domain_suffix option in sssd.conf?
More information about the Freeipa-users
mailing list