FreeIPA Server 4.1.2
FreeIPA client 3.0.0-42
I'm not sure how to go about fixing this or working around it.
In our organization we have a trust relationship between ad.somedomain.net
We don't want our AD users having to type usern...@ad.somedomain.net when
logging in to an IPA machine so we have added
default_domain_suffix = ad.somedomain.net to the [sssd] section of
This works great when logging in with an AD user. I can login using
'username' and they end up with the proper shell and home directory
However, when I try to login with an IPA user using the username
ipau...@ipadomain.net I am just disconnected. Removing the
default_domain_suffix line immediately fixes , but then we lose the
ability to login with AD users just typing their username.
Does anyone know how to fix this / workaround it so we can use the
default_domain_suffix option and not break internal FreeIPA user logins?
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project