Bug 2227308

Summary: [DDF] Is there any other way where I can display the user data without domain?
Product: Red Hat Enterprise Linux 8 Reporter: Direct Docs Feedback <ddf-bot>
Component: DocumentationAssignee: lmcgarry
Documentation sub component: DDF QA Contact:
Status: ASSIGNED --- Docs Contact:
Severity: medium    
Priority: high CC: cilmar, dcamilof, lmcgarry, rhel-docs, sbose
Version: 8.0Keywords: Documentation
Target Milestone: rcFlags: lmcgarry: needinfo? (sbose)
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Direct Docs Feedback 2023-07-28 16:33:30 UTC 
Is there any other way where I can display the user data without domain?

IPA:
[root@ipa-client ~]# ipa config-show
  Maximum username length: 32
  Maximum hostname length: 64
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: lab.example.net
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title
  Group search fields: cn,description
  Enable migration mode: True
  Certificate Subject base: O=LAB.EXAMPLE.NET
  Password Expiration Notification (days): 4
  Password plugin features: AllowNThash
  SELinux user map order: guest_u:s0$xguest_u:s0$user_u:s0$staff_u:s0-s0:c0.c1023$sysadm_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
  Default SELinux user: unconfined_u:s0-s0:c0.c1023
  Default PAC types: MS-PAC, nfs:NONE
  Default user authentication types: otp
  Enable adding subids to new users: False
  IPA masters: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA master capable of PKINIT: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA CA servers: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA CA renewal master: ipa-master.lab.example.net
  IPA KRA servers: ipa-master.lab.example.net
  Domain resolution order: example.net:lab.example.net
  IPA DNS servers: ipa-master.lab.example.net, ipa-replica.lab.example.net

Env:
[root@ipa-master ~]# rpm -q ipa-server
ipa-server-4.9.10-9.module+el8.7.0+17437+cf46f77f.x86_64
[root@ipa-master ~]# rpm -q sssd
sssd-2.7.3-4.el8_7.3.x86_64


Actual Results:
# id aduser1
uid=1821401104(aduser1) gid=1821401104(aduser1) groups=1821401104(aduser1),1821400513(domain users)

Expected:
# id aduser1
uid=1821401104(aduser1) gid=1821401104(aduser1) groups=1821401104(aduser1),1821400513(domain users)



Reported by: rhn-support-dcamilof

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/configuring-the-domain-resolution-order-to-resolve-short-ad-user-names_configuring-and-managing-idm#annotations:be86bee8-bc31-43db-a6ca-da3bcb9c7343
Comment 1 Daniel Filho 2023-07-28 16:35:59 UTC 
Additional Reference:

https://github.com/SSSD/sssd/issues/3879