On Tue, Jan 14, 2020 at 05:01:20PM -0000, Michael Barkdoll wrote:
Yes, I was just about to post an update. Someone did indeed create
an AD user account named:
root(a)sample.college.edu
If I can't get the other user to agree to remove root(a)sample.college.edu AD user
object, then I think I'd be required to make users login as
useraccount(a)sample.college.edu due to this file permission change issue and other issues
that would likely occur. However, your default_domain_suffic seems to be here to save the
day.
Would something like the following first attempt to resolve local user accounts prior to
AD?
default_domain_suffix = LOCAL,
SAMPLE.COLLEGE.EDU
Hi,
the domain used for users from /etc/passwd is called 'implicit_files'
and as you said in your other email the option is called
'domain_resolution_order'.
If this does not help you can modify the order in /etc/nsswitch.conf as
well so that 'files' is listed before 'sss'.
HTH
bye,
Sumit
I put the following like in the domain section to allow short domain names.
[
domain/sample.college.edu]
use_fully_qualified_names = False
I'm trying it now and it currently appears to work. There currently is no conflict
between local user root and domain user root, but last time it took a day or two for the
error to pop up. Do you think this config is safe?
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...