[Freeipa-users] Freeipa4 - AD SSH logins
Simo Sorce
simo at redhat.com
Wed Apr 15 18:56:37 UTC 2015
On Wed, 2015-04-15 at 14:19 -0400, Aric Wilisch wrote:
> So I would have to setup an ID View Override for every user in AD that needs to login to to a FreeIPA host?
If you just need a different default shell you should set the
default_shell option in sssd.conf
> I guess I’m having trouble understanding why it wouldn’t just use the
> defaults set into FreeIPA? The Default home directory is set to /home
> and the default shell is set to /bin/bash.
If it doesn't please open a bug, we probably should.
> This is a lot of work to go to unless there’s a way to set it globally
> for the entire domain. Also noticing sudo doesn’t work for those users
> even though I have the ad_admins group added to the sudo group I
> created.
Is ad_admins a posix group ? sudo understands only those, also you need
to make sure clients are using the sssd_sudo plugin for external
users/groups (IIRC).
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list