On Wed, Aug 07, 2013 at 06:46:48PM +0000, Armstrong, Kenneth Lawrence wrote:
> I have a test environment set up where we have a trust between the IdM domain
> and the AD domain. When we go to log into an IdM client with an AD user, we
> have to use the format of:
>
> ADDOMAIN\\[email protected]
>
> Is there a way to prepend the domain part so that we won't have to type that
> in every time?
>
> Thanks!
>
> -Kenny
Hi Kenny,
I think that you're looking for the "default_domain_suffix" parameter.
>From man sssd.conf:
default_domain_suffix (string)
This string will be used as a default domain name for all names
without a domain name component. The main use case is environments
where the primary domain is intended for managing host policies
and all users are located in a trusted domain. The option allows
those users to log in just with their user name without giving a
domain name as well.
Please note that if this option is set all users from the primary
domain have to use their fully qualified name, e.g. [email protected],
to log in.
Default: not set
The parameter should be set in the [sssd] section, not in the domain section.
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
