Hi,
In my setup (hello Hadoop!) I have the requirement to simplify user names from a trusted domain (Ad -> FreeIPA -> sssd) so they don’t contain “@“. Furthermore, “id username” needs to return information.
Thus bolke@ad.local mailto:bolke@ad.local needs to become bolke (or bolke_ad_local). And “id -Gn bolke” needs to return my group memberships.
I tried setting
auth_to_local = { RULE:[1:$1@$0](^.*@AD.LOCAL$)s/@AD.LOCAL// DEFAULT }
in /etc/krb5.conf, but that does not seem to work. How do I go about this?
Thanks! Bolke