So I would have to setup an ID View Override for every user in AD that needs to 
login to to a FreeIPA host? 

I guess I’m having trouble understanding why it wouldn’t just use the defaults 
set into FreeIPA? The Default home directory is set to /home and the default 
shell is set to /bin/bash. 

This is a lot of work to go to unless there’s a way to set it globally for the 
entire domain. Also noticing sudo doesn’t work for those users even though I 
have the ad_admins group added to the sudo group I created. 

Aric Wilisch

> On Apr 15, 2015, at 2:00 PM, Alexander Bokovoy <> wrote:
> On Wed, 15 Apr 2015, Aric Wilisch wrote:
>> Today I managed to finally get a trust established between my AD Domain and 
>> my FreeIPA 4 environment.
>> However I’m noticing a couple issues and hope someone might be able to give 
>> me some help.
>> First when the user logs in it creates their home directory in
>> /home/fioptics/<username> rather than /home/<username>. I read that you
>> had to put subdomain_homedir= /home in /etc/sssd/sssd.conf but that
>> didn’t seem to fix it.
>> Also the FreeIPA environment is set to use /bin/bash as the shell,
>> however everyone from AD is logging in and using /bin/sh.
>> I’m hoping if I can get these issues sorted out the other issues I”m
>> seeing with go as well, but if they don’t I can address those at that
>> time.
> These issues are addressed with IDViews functionality in FreeIPA 4.1.
> <>
> I have a 'sneak peak' videos of how this feature works:
> <>
> <>
> These are draft sequences, no sound or subtitles so you need to read
> documentation too :)
> -- 
> / Alexander Bokovoy

Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to