#7 when login on a windows domain, I cannot just pass the netbios name, but the fully qualified domain name
Opened 6 years ago by nzin. Modified 4 years ago

Hi,

I setup freeipa realm and connect to an AD realm, via trust relationship.

When configuring a centos5 machine and joining in to the freeipa realm, sssd has been setup to fetch users via slapi-nis:
[sssd]
services = nss, pam
config_file_version = 2
domains = default
re_expression = (?P<name>.+)

[domain/default]
cache_credentials = True
id_provider = ldap
auth_provider = ldap
ldap_uri = ldap://ipaserver.ipa2.mtl.sfl
ldap_search_base = cn=compat,dc=ipa2,dc=mtl,dc=sfl
ldap_tls_cacert = /etc/openldap/cacerts/ipa.crt

It works great.

The alone thinks that bother me: when I connect with my Active Directory account, I cannot connect with AD_NETBIOS\user like ssh AD_NETBIOS\user@centos5 (which works fine with Centos6 and sssd 1.9+)
I can only connect via ssh -l user@<AD.fully.qualified> centos5

Regards,

Nicolas Zin


Login to comment on this ticket.

Metadata