AD trust configuration
I have an AD trust set up with my IDM servers. I can log in to an IDM client, and have figured out how to override the default shell (/bin/sh) and the home directories using overrides in /etc/sssd/sssd.conf on the client.
Two questions:
1. Is is possible to do the above overrides on the IPA server instead?
- ls -l displays user@fully.qualified.domain for both user and group. How do I get rid of the domain part of that?
Both the IPA servers and the client are RHEL 7.8.
I have to use domain\user to log in via ssh, but I don't care about that. It would be nice to use just user, but I tried setting:
ipa config-mod --domain-resolution-order=ipa.domain:ad.domain
on the server, that just made ls behaviour worse.