Hi,
I have a domain "example.com" which has several child domains
"abc.example.com", "def.example.com", "ghi.example.com".
I have joined my CentOS 6.8 server to the domain "example.com" using adcli and
my sssd version is sssd-1.13.3-22
Here is my sssd.conf:
====================== BEGIN =======================
[sssd]
services = nss, pam, ssh
config_file_version = 2
domains =
example.com
[pam]
pam_id_timeout = 20
[
domain/example.com]
id_provider = ad
auth_provider = ad
ldap_id_mapping = true
cache_credentials = true
override_homedir = /home/%u
subdomain_enumerate = all
krb5_auth_timeout = 20
[nss]
override_shell = /bin/bash
======================== END =========================
I have user1 in
example.com and user2 in
abc.example.com
when I run "getent passwd user1" I get the expected output.
user1:*:123456789:987654321:User 1:/home/user1:/bin/bash
But when I run "getent passwd user2", I do not get any output.
And when I run "getent passwd user2(a)abc.example.com", I get the output as
follows;
user2@abc.infores.com:*:123456780:987654321:User 2:/home/user2:/bin/bash
I would like to use only the username (without the child domain name suffix) for all
purposes (login/id command/getent command etc).
How can I get the getent output for the IDs in the child domain to be the same as the
getent output for IDs in the parent domain?
I have read the man pages and also tried the "use_fully_qualified_names = false"
option. It didn't help the child domain IDs
Thanks in advance,