[Freeipa-users] allow trust users to login without domain
Andy Thompson
Andy.Thompson at e-tcc.com
Wed Apr 29 11:08:16 UTC 2015
> -----Original Message-----
> From: Martin Kosek [mailto:mkosek at redhat.com]
> Sent: Wednesday, April 29, 2015 7:05 AM
> To: Andy Thompson; freeipa-users at redhat.com; Jakub Hrozek
> Subject: Re: [Freeipa-users] allow trust users to login without domain
>
> On 04/29/2015 12:57 PM, Andy Thompson wrote:
> > In the environment I'm working on currently we have a single trusted
> > AD domain and will never have any additional domain trusts in place.
> > Is there a way to allow users to login without using @ad_domain in their
> username?
> > We use DB2 in the environment and it's from the dark ages and doesn't
> > like usernames with more than 8 chars :/
> >
> > Thanks
> >
> > -andy
>
> This looks as a job for default_domain_suffix option. See "man sssd.conf" for
> details.
>
> Note that after this fix, IPA users would need to log in with fully qualified
> user name instead. CCing Jakub for reference.
Perfect. I grepped the man page.. apparently didn't search for the right thing.
Thanks much
-andy
More information about the Freeipa-users
mailing list