[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sssd-users
Subject:    =?utf-8?q?=5BSSSD-users=5D?= Re: Samba, libwbclient and "Unix User" instead of real domain
From:       Sumit Bose <sbose () redhat ! com>
Date:       2017-01-17 9:27:53
Message-ID: 20170117092753.GL11789 () p ! Speedport_W_724V_Typ_A_05011603_00_011
[Download RAW message or body]

On Tue, Jan 17, 2017 at 02:00:06AM +0100, Ådne Hovda wrote:
> On 1/16/2017 5:08 PM, Sumit Bose wrote:
> > Please try to add 'use_fully_qualified_names = true' as it is on the
> > stackexchange page you linked below. Fully qualified names are currently
> > a requirement to make SSSD's libwbclient work correctly.
> 
> I tried with stripped down conf:
> 
> [domain/my.domain.local]
> id_provider = ad
> auth_provider = ad
> ldap_id_mapping = False
> access_provider = ad
> chpass_provider = ad
> use_fully_qualified_names = true
> 
> And that actually works through Samba, I'm getting translation back to
> domain users, albeit as "my.domain.local\username" instead of the short form
> "MY\username", but this makes SSSD usable with Samba. Thanks a lot! :-)

You can set

    full_name_format = %1$s@%3$s

in the [sssd] section of sssd.conf to use the short (NetBIOS) domain
name.

> 
> Is there a way to make it possible to still logon to the machine using non
> qualified names? We're moving away from NIS, and everyone is already used to
> logging in with their username only.

If all user come form the same domain you can set

    default_domain_suffix = my.domain.local

in the [sssd] section of sssd.conf, then SSSD will always add
'my.domain.local' to the user name if the domain part is missing.

HTH

bye,
Sumit

> 
> Best regards,
> Ådne Hovda
> _______________________________________________
> sssd-users mailing list -- sssd-users@lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org

[prev in list] [next in list] [prev in thread] [next in thread]