On Sun, May 25, 2014 at 10:31:14PM +0000, Vinícius Ferrão wrote: > Hello guys, > > I’m running sssd version 1.11 in Ubuntu 14.04 LTS (1.11.5-1ubuntu3) to > authenticate users from Active Directory from WIndows Server 2012 R2, and I’m > trying to achieve logins with the User Principal Name for all users of the > domain. But the UPN are always Enterprise Principal Names. > > Let-me illustrate the problem with my user account: > > Domain: local.example.com > sAMAccountName: ferrao > UPN: [email protected] (there’s no local in the UPN) > > I can successfully login with the sAMAccount atribute, which is fine, but I > can’t login with [email protected] which is my UPN. The optimum solution for > me is to allow logins from sAMAccount and the UPN. If’s not possible, the UPN > should be the right way instead of the sAMAccountName.
Technically this is related to the topic discussed in the '[RFC] Change default regular-expressions for user names' thread (https://lists.fedorahosted.org/pipermail/sssd-devel/2014-May/019642.html) on sssd-devel. It's about finding a user by his Kerberos principal, the Enterprise Principal Names are aliases for the Kerberos principal of the user. My plan is to include this use-case in the design for the feature discussed in the tread but I'm afraid it will only be available in the next major SSSD release. HTH bye, Sumit > > Another annoyance is the homedir pattern with those options in sssd.conf: > default_shell = /bin/bash > fallback_homedir = /home/%d/%u > > What I would like to achieve is separated home directories from the EPN. For > example: > > /home/example.com/user > /home/whatever.example.com/user > > But with this pattern I can’t map the way I would like to do. > > I’ve looked through man pages and was unable to find any answers for this > issues. > > Thanks in advance, > Vinícius. > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
