On (15/05/15 17:27), Andy Thompson wrote: >Is there a way to enforce case sensitivity for trusted AD users? I am trying >to use username for ssh chroots and I can authenticated with any case >combination of <UsERname> but if ssh is set to match on <username> then the >chroot is not enforced and the user is dropped to their usual home directory. >I found a case_sensitive option for sssd but it does not seem to have any >affect. Running RHEL6.6 clients. >
IPA domain is by default case sensitive. So You will not change anything if you put "case_sensitive = true" into domain section of sssd.conf. But SSSD will create subdomains for each AD domain. It is different id_provider therefore different default values are used for subdomains and for AD provider it is case *insensitive* by default. Currently there's no way how to change it for subdomains (AD trusted domains) LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
