[Freeipa-users] allow trust users to login without domain
Martin Kosek
mkosek at redhat.com
Wed Apr 29 11:05:14 UTC 2015
On 04/29/2015 12:57 PM, Andy Thompson wrote:
> In the environment I'm working on currently we have a single trusted AD
> domain and will never have any additional domain trusts in place. Is there
> a way to allow users to login without using @ad_domain in their username?
> We use DB2 in the environment and it's from the dark ages and doesn't like
> usernames with more than 8 chars :/
>
> Thanks
>
> -andy
This looks as a job for default_domain_suffix option. See "man sssd.conf" for
details.
Note that after this fix, IPA users would need to log in with fully qualified
user name instead. CCing Jakub for reference.
More information about the Freeipa-users
mailing list