Our IPA servers are in a one-way AD trust.  Since all of our users are in AD, I take advantage of the SSSD settings on the clients to hide the @AD_REALM from their login names, and use AD_REALM as the default_realm.  This works nicely.

Solaris clients, however, do not have the convenience of SSSD.  I understand that the fully-qualified login names are required for systems using the compat feature so that the IPA servers know to lookup those users in AD.  Still, I was wondering if there is anyway of doing something similar on Solaris to hide the domain part if it is the default.  I had hoped that maybe an idview would do it, but seems unlikely. 

Amos