Hello all! I'm migration our old LDAP infra to IPA 4.6.5 (rhel 7) with an external trust to Windows. Previously, all users were their shortname because we replicated AD users to LDAP. Most users reside in AD, but we have *nix-only users in LDAP. Everything seems fine for rhel7+ because sssd can do multi-domain search and thus allow me to use shortname instead of user+domain.
My issue is on the rhel6 servers: sssd there is 1.13.3, so multi-domain isn't available... Which is a bummer for me because we have 1000+ rhel6 servers and this is going to be a pain to have sometimes longnames, sometimes shortnames. Has anyone work around this already? I considered my options: - Try to use sssd proxy - Try sss_override - Write a plugin for sssd to search to IPA's idoverride and return a match - Sob in front of an IPA at a pub :) Thanks for your inputs! _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org