13.2.15. Domain Options: Setting Username Formats
jsmith
in the ldap.example.com
domain and jsmith
in the ldap.otherexample.com
domain.
[sssd]
section of the configuration and can then be defined individually in each domain section.
re_expression
parameter.
(?P<name>[^@]+)@?(?P<domain>[^@]*$)
Note
jsmith
and if the user belongs to the LOCAL domain (for example), then his user name is interpreted by SSSD as jsmith@LOCAL
.
(?P<domain>[^\\]*?)\\?(?P<name>[^\\]+$)
- username
- username@domain.name
- DOMAIN\username
(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))
Note
jsmith@ldap.example.com
, always returns the proper user account. If there are multiple users with the same user name in different domains, specifying only the user name returns the user for whichever domain comes first in the lookup order.
re_expression
is the most important method for setting user name formats, there are two other options which are useful for other applications.
The first sets a default domain name to be used with all users, default_domain_suffix
. (This is a global setting, available in the [sssd]
section only.) There may be a case where multiple domains are configured but only one stores user data and the others are used for host or service identities. Setting a default domain name allows users to log in with only their user name, not specifying the domain name (which would be required for users outside the primary domain).
[sssd] ... default_domain_suffix = USERS.EXAMPLE.COM
The other parameter is related to re_expression
, only instead of defining how to interpret a user name, it defines how to print an identified name. The full_name_format
parameter sets how the user name and domain name (once determined) are displayed.
full_name_format = %1$s@%2$s