Hi, I'm setting up a test environment with FreeIPA. I have it set up with one-way trusts to 2 AD domains and logging in works ok.
The AD trusts are not set up with the "posix" type, so the IPA servers should not be looking up posix attributes from AD. I'm now trying to configure the home directory for AD users on ipa clients. From what I've found online so far, it should be possible to configure this parameter with the "subdomain_homedir" sssd.conf parameter. Is it sufficient to configure this parameter on the IPA server(s), or do I have to configure it on all IPA clients? For now, I've configured it on my 3 IPA servers and restarted sssd. I've also cleared the sssd caches with 'sss_cache -E', but looking up the home directory still returns the old format. Even on the IPA servers themselves (where I've performed the sssd.conf changes). Is there anything else I need to configure/restart? I currently have it configured in the [domain/my-ipa-domain-name] section of sssd.conf on the IPA servers. I have a similar question regarding the login shell for AD users. I've updated the default shell from /bin/sh to /bin/bash using: ipa config-mod --defaultshell=/bin/bash But this does not seem to change the shell for my AD user? If I run 'getent passwd aduser1@addomain' on an IPA client, it shows nothing for the shell!? I know I can configure ID views with overrides for specific users, but is there a way to specify defaults for the homedir and loginshell in an ID view? Regards, Rik _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
