Bug 2227308 - [DDF] Is there any other way where I can display the user data without domain? [NEEDINFO]
Summary: [DDF] Is there any other way where I can display the user data without domain?
Keywords:
Status: ASSIGNED
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: Documentation
Version: 8.0
Hardware: All
OS: All
high
medium
Target Milestone: rc
: ---
Assignee: lmcgarry
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-28 16:33 UTC by Direct Docs Feedback
Modified: 2023-08-15 09:17 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: ---
Target Upstream Version:
Embargoed:
lmcgarry: needinfo? (sbose)

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-163792 0 None None None 2023-07-28 16:34:11 UTC

Description Direct Docs Feedback 2023-07-28 16:33:30 UTC 
Is there any other way where I can display the user data without domain?

IPA:
[root@ipa-client ~]# ipa config-show
  Maximum username length: 32
  Maximum hostname length: 64
  Home directory base: /home
  Default shell: /bin/sh
  Default users group: ipausers
  Default e-mail domain: lab.example.net
  Search time limit: 2
  Search size limit: 100
  User search fields: uid,givenname,sn,telephonenumber,ou,title
  Group search fields: cn,description
  Enable migration mode: True
  Certificate Subject base: O=LAB.EXAMPLE.NET
  Password Expiration Notification (days): 4
  Password plugin features: AllowNThash
  SELinux user map order: guest_u:s0$xguest_u:s0$user_u:s0$staff_u:s0-s0:c0.c1023$sysadm_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
  Default SELinux user: unconfined_u:s0-s0:c0.c1023
  Default PAC types: MS-PAC, nfs:NONE
  Default user authentication types: otp
  Enable adding subids to new users: False
  IPA masters: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA master capable of PKINIT: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA CA servers: ipa-master.lab.example.net, ipa-replica.lab.example.net
  IPA CA renewal master: ipa-master.lab.example.net
  IPA KRA servers: ipa-master.lab.example.net
  Domain resolution order: example.net:lab.example.net
  IPA DNS servers: ipa-master.lab.example.net, ipa-replica.lab.example.net

Env:
[root@ipa-master ~]# rpm -q ipa-server
ipa-server-4.9.10-9.module+el8.7.0+17437+cf46f77f.x86_64
[root@ipa-master ~]# rpm -q sssd
sssd-2.7.3-4.el8_7.3.x86_64


Actual Results:
# id aduser1
uid=1821401104(aduser1) gid=1821401104(aduser1) groups=1821401104(aduser1),1821400513(domain users)

Expected:
# id aduser1
uid=1821401104(aduser1) gid=1821401104(aduser1) groups=1821401104(aduser1),1821400513(domain users)



Reported by: rhn-support-dcamilof

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/configuring-the-domain-resolution-order-to-resolve-short-ad-user-names_configuring-and-managing-idm#annotations:be86bee8-bc31-43db-a6ca-da3bcb9c7343
Comment 1 Daniel Filho 2023-07-28 16:35:59 UTC 
Additional Reference:

https://github.com/SSSD/sssd/issues/3879
Note You need to log in before you can comment on or make changes to this bug.