On 07/29/2015 10:07 AM, Cumer Cristiano wrote:
Hello,
I have a setup with two different AD domains a.com and b.com in separate forests. Im
working with sssd-1.11.7
Everything is fine apart from sudo. When I issue an sudo, sssd performs authentications
always on domain A even if the user logged in belongs to domain B.
How can I tell sssd to perform the searches in the domain of the logged in user?
Cristiano
Hi,
if you want to share names between domains, I'm afraid you need to use
use_fully_qualified_names set to true. But then it has to be also
reflected by sudoUser attribute at this moment (we have a ticket to fix
that).