sssd professionals,
When the sssd-ldap man page refers to "hostname", is it referring to the short name or the FQDN? I know nebiosname is short, with a '$' on the end.
From sssd-ldap man page:
ldap_sasl_authid (string) Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, this represents the Kerberos principal used for authentication to the directory. This option can either contain the full principal (for example host/myhost@EXAMPLE.COM) or just the principal name (for example host/myhost). By default, the value is not set and the following principals are used:
hostname@REALM netbiosname$@REALM host/hostname@REALM *$@REALM host/*@REALM host/*
If none of them are found, the first principal in keytab is returned.
Default: host/hostname@REALM
Spike White