On Wed, 2015-04-15 at 14:19 -0400, Aric Wilisch wrote:
> So I would have to setup an ID View Override for every user in AD that needs 
> to login to to a FreeIPA host? 

If you just need a different default shell you should set the
default_shell option in sssd.conf

> I guess I’m having trouble understanding why it wouldn’t just use the
> defaults set into FreeIPA? The Default home directory is set to /home
> and the default shell is set to /bin/bash. 

If it doesn't please open a bug, we probably should.

> This is a lot of work to go to unless there’s a way to set it globally
> for the entire domain. Also noticing sudo doesn’t work for those users
> even though I have the ad_admins group added to the sudo group I
> created. 

Is ad_admins a posix group ? sudo understands only those, also you need
to make sure clients are using the sssd_sudo plugin for external
users/groups (IIRC).


Simo Sorce * Red Hat, Inc * New York

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to