Description of problem: Setting a default_domain_suffix for IDM based authentication would reduce an effort to type in the @domain while authenticating. Version-Release number of selected component (if applicable): Satellite 6.12 How reproducible: Steps to Reproduce: 1. Configure direct AD authentication or IPA authentication from https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html/administering_red_hat_satellite/configuring_external_authentication_admin#Configuring_Direct_AD_Integration_with_GSS_Proxy_admin 2. Check the /etc/sssd/sssd.conf as no default domain suffix is configured 3. Having this we can query user without a domain suffix. Actual results: An end-user would have to type the user syntax to login to Satellite Expected results: We can reduce this effort by setting a default_domain_suffix to the current domain that the host is joined to. Additional info: Under [sssd] section adding default_domain_suffix = example.com to achieve this
We set the required attributes, so we can add this easily https://github.com/theforeman/puppet-foreman/blob/e0fc1487740d36a5a308498576836525d3e52de1/manifests/config.pp#L205-L210
Where should the default domain come from? Should the users state in explicitly when running the installer? Should the installer try to derive it from some other parameter?
Assuming they are joining to the same realm, this should be defaulted to domain name of the satellite instance.
Oh, you already opened a PR about that, thank you and sorry about not noticing it earlier.