Under IPA Server > ID Views > Default Trust View, add the LDAP user you want to override with POSIX settings.
Then add the SSH public key to the user:
This document is dependent on the following assumptions:
- NetBIOS names of the IPA domain and AD domain must be different.
- In addtion, NetBIOS names of the IPA server and AD DC server must be different.
- Encoredev.local is the AD domain
- encoredev1.encoredev.local will host this domain and associated DNS
- Linux.local is the IPA domain
- ipa1.linux.local will host this domain and associated DNS records
- The /etc/hosts file is configured
- The servers hostname is configured correctly
- The server has firewalld disabled or the appropriate firewall ports have been opened.
- NS1/NS2 = 172.16.40.2/172.16.40.3
- DEVNS1/DEVNS2 = 172.16.104.2/172.16.105.3
- Windows Domain = encoredev.local
- IPA domain = linux.local
- Active Directory Linux Admins Group = LinuxAdmins
- NFS Server = nfs.linux.local
- nfs.linux.local has been added as an IPA Client