On 07/29/2015 10:07 AM, Cumer Cristiano wrote:
I have a setup with two different AD domains a.com and b.com in separate forests. Im
working with sssd-1.11.7
Everything is fine apart from sudo. When I issue an sudo, sssd performs authentications
always on domain A even if the user logged in belongs to domain B.
How can I tell sssd to perform the searches in the domain of the logged in user?
if you want to share names between domains, I'm afraid you need to use
use_fully_qualified_names set to true. But then it has to be also
reflected by sudoUser attribute at this moment (we have a ticket to fix