[Freeipa-users] username case sensitivity
Lukas Slebodnik
lslebodn at redhat.com
Fri May 15 19:44:31 UTC 2015
On (15/05/15 17:27), Andy Thompson wrote:
>Is there a way to enforce case sensitivity for trusted AD users? I am trying to use username for ssh chroots and I can authenticated with any case combination of <UsERname> but if ssh is set to match on <username> then the chroot is not enforced and the user is dropped to their usual home directory. I found a case_sensitive option for sssd but it does not seem to have any affect. Running RHEL6.6 clients.
>
IPA domain is by default case sensitive.
So You will not change anything if you put "case_sensitive = true" into domain
section of sssd.conf.
But SSSD will create subdomains for each AD domain. It is different id_provider
therefore different default values are used for subdomains and for AD provider
it is case *insensitive* by default.
Currently there's no way how to change it for subdomains (AD trusted domains)
LS
More information about the Freeipa-users
mailing list