On Thu, Nov 20, 2014 at 05:24:24PM +0000, John Hodrien wrote:
On Thu, 20 Nov 2014, Joschi Brauchle wrote:
>Yes, you are right, that is a solution.
>
>The reason I am asking is because we will be setting up tons of linux
>hosts with a common SSSD config and thus would like to eliminate special
>configs for individual hosts.
>
>Thus, instead of telling SSSD what to do (which would be a special
>config for the affected host), we would like to know what SSSD will do
>and adapt the creation of machine accounts to SSSD. This way, we hope to
>solve the "long-hostname-problem" on the server side rather than the
>client side.
I wasn't even meaning it would be a special config. You make a machine with a
long name, and you see what gets created in the keytab. Either SSSD works
with it, or it doesn't. If it doesn't, it needs fixing in SSSD.
I think this is a good point. SSSD should just work.
I did a bit more research and it seems that both Windows clients and
realmd truncate the name. Then I think it would be a good idea to let
SSSD also search for:
SHORTNAME_UP_TO_15_CHARS$@REALM
instead of:
ANYTHING_UP_TO_THE_FIRST_DOT$@REALM