diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-04-04 12:21:18 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2009-04-07 14:27:18 -0400 |
| commit | ee762f9b709224a7dc7460fc535ee992045168b8 (patch) | |
| tree | daa6d444d6c52868c0a9109d360a4fe64b333df3 /server/examples/config.ldif | |
| parent | 2df2e775612734712b72dcf0adf6c66ce530a319 (diff) | |
| download | sssd-ee762f9b709224a7dc7460fc535ee992045168b8.tar.gz sssd-ee762f9b709224a7dc7460fc535ee992045168b8.tar.xz sssd-ee762f9b709224a7dc7460fc535ee992045168b8.zip | |
Split modules types in Identity and Authenticator
The same module may implement both types, but initializatrion will be
nonetheless performed separately, once for the identity module and once for the
authenticator module.
Also change the proxy module to retireve the pam target name from the domain
configuration so that it is possibile to create per-domain pam stacks.
With this modification it is actually possibile to use normal nss and pam
modules to perform a successful authentication (tested only with sudo so far)
Update exmples.
Diffstat (limited to 'server/examples/config.ldif')
| -rw-r--r-- | server/examples/config.ldif | 50 |
1 files changed, 29 insertions, 21 deletions
diff --git a/server/examples/config.ldif b/server/examples/config.ldif index b848e4314..6101f0851 100644 --- a/server/examples/config.ldif +++ b/server/examples/config.ldif @@ -15,31 +15,28 @@ activeServices: info dn: cn=nss,cn=services,cn=config cn: nss description: NSS Responder Configuration -unixSocket: /var/lib/sss/pipes/nss -command: /usr/libexec/sssd/sssd_nss +filterGroups: root +filterGroups: foo@TEST +filterUsers: root +filterUsers: bar@TEST dn: cn=dp,cn=services,cn=config cn: dp description: Data Provider Configuration -command: /usr/libexec/sssd/sssd_dp dn: cn=monitor,cn=services,cn=config cn: monitor description: Monitor Configuration sbusTimeout: 10 -sbusAddress: unix:path=/var/lib/sss/pipes/private/dbus servicePingTime: 10 dn: cn=pam,cn=services,cn=config cn: pam -command: /usr/libexec/sssd/sssd_pam description: PAM Responder Configuration -unixSocket: /var/lib/sss/pipes/pam dn: cn=info,cn=services,cn=config cn: info description: InfoPipe Configuration -command: ./sbin/sssd_info dn: cn=domains,cn=config cn: domains @@ -48,32 +45,43 @@ description: Domains served by SSSD dn: cn=LOCAL,cn=domains,cn=config cn: LOCAL description: Reserved domain for local configurations -legacy: FALSE enumerate: 3 - -dn: cn=EXAMPLE.COM,cn=domains,cn=config -cn: EXAMPLE.COM -description: Example domain served by IPA -provider: ipa -server: ipaserver1.example.com -server: ipabackupserver.example.com -legacy: FALSE -enumerate: 0 +minId: 500 +maxId: 999 +legacy: TRUE +libName: files +libPath: /lib64/libnss_files.so.2 +magicPrivateGroups: FALSE +provider: proxy +auth-module: proxy +pam-target: sssdproxylocal dn: cn=TEST,cn=domains,cn=config cn: TEST description: TEST Ldap domain -provider: proxy -command: ./sbin/sssd_be -d 2 --provider proxy --domain TEST libName: ldap libPath: /usr/lib64/libnss_ldap.so.2 legacy: TRUE -enumerate: 0 +enumerate: 3 +useFullyQualifiedNames: TRUE +minId: 1000 +provider: proxy +auth-module: proxy +pam-target: sssdproxytest dn: cn=LDAPTEST,cn=domains,cn=config cn: LDAPTEST basedn: cn=LDAPTEST,sn=sysdb -command: ./sbin/sssd_be --provider ldap --domain LDAPTEST +command: /usr/libexec/sssd/sssd_be --provider ldap --domain LDAPTEST description: TEST PAM Ldap domain provider: ldap userSearchBase: ou=user,dc=my-domain,dc=com + +dn: cn=EXAMPLE.COM,cn=domains,cn=config +cn: EXAMPLE.COM +description: Example domain served by IPA +provider: ipa +server: ipaserver1.example.com +server: ipabackupserver.example.com +legacy: FALSE +enumerate: 0 |