Simo Sorce wrote: > On Thu, 2009-11-12 at 11:28 +1000, David O'Brien wrote: >> Demonstrating ignorance again... >> >> I have a very simple sssd implementation, only one local domain. >> >> I have nsswitch.conf configured with >> passwd sss >> group sss >> >> I can do sss_useradd, sss_groupadd, etc., and all works fine. >> I can do getent -s sss group|passwd and see what's going on. >> >> What happens if I have more than one domain configured? Do I need to use >> FQDN to specify where a user will get created? >> sss_useradd usern...@otherdomain > > You can but if you are not using fully qualified names at the backend > level (see the FQDN option) it is kind of useless as the system will > only get back one user given a name from the first backend. > If a domain uses fully qualified names the only way to get a user out is > by using the fully qualified name.
I wondered if that would be the case. I'd only partially tested it. > >> Does this work for sss_groupadd? > > No sss_tools work only against the local provider and it doesn't make > sense (and is not supported) to have more than one local provider. "clink" (that was a penny dropping) I didn't think >1 local provider was on the cards, but beyond that... sss_useradd <user> adds <user> to LOCAL ipa user-add <user> adds <user> to the ldap back end that IPA is using ldapadd... if you just have an ldap back end set up I dare say there are more options, depending on what environment you're working in. > >> The closest I could get to this was the "re_expression (string)" entry >> in the sssd.conf man page. > > Don't touch that one :-) I was hoping I wouldn't have to :D /dob > > Simo. > -- David O'Brien Red Hat Asia Pacific +61 7 3514 8189 http://freeipa.org/page/DocumentationPortal http://git.fedorahosted.org/git/ipadocs.git "The most valuable of all talents is that of never using two words when one will do." Thomas Jefferson _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel