# Format: # option = type, subtype, mandatory[, default] [service] # Options available to all services debug_level = int, None, false debug_timestamps = bool, None, false debug_microseconds = bool, None, false debug_to_files = bool, None, false command = str, None, false reconnection_retries = int, None, false fd_limit = int, None, false client_idle_timeout = int, None, false force_timeout = int, None, false [sssd] # Monitor service services = list, str, true, nss, pam domains = list, str, true timeout = int, None, false sbus_timeout = int, None, false re_expression = str, None, false full_name_format = str, None, false krb5_rcache_dir = str, None, false default_domain_suffix = str, None, false [nss] # Name service enum_cache_timeout = int, None, false entry_cache_nowait_percentage = int, None, false entry_negative_timeout = int, None, false filter_users = list, str, false filter_groups = list, str, false filter_users_in_groups = bool, None, false pwfield = str, None, false override_homedir = str, None, false fallback_homedir = str, None, false override_shell = str, None, false allowed_shells = list, str, false vetoed_shells = list, str, false shell_fallback = str, None, false default_shell = str, None, false get_domains_timeout = int, None, false memcache_timeout = int, None, false [pam] # Authentication service offline_credentials_expiration = int, None, false offline_failed_login_attempts = int, None, false offline_failed_login_delay = int, None, false pam_verbosity = int, None, false pam_id_timeout = int, None, false pam_pwd_expiration_warning = int, None, false get_domains_timeout = int, None, false [sudo] # sudo service sudo_timed = bool, None, false [autofs] # autofs service autofs_negative_timeout = int, None, false [ssh] # ssh service ssh_hash_known_hosts = bool, None, false ssh_known_hosts_timeout = int, None, false [pac] # PAC responder allowed_uids = str, None, false [provider] #Available provider types id_provider = str, None, true auth_provider = str, None, false access_provider = str, None, false chpass_provider = str, None, false sudo_provider = str, None, false autofs_provider = str, None, false session_provider = str, None, false hostid_provider = str, None, false subdomains_provider = str, None, false [domain] # Options available to all domains description = str, None, false debug_level = int, None, false debug_timestamps = bool, None, false command = str, None, false min_id = int, None, false max_id = int, None, false timeout = int, None, false try_inotify = bool, None, false enumerate = bool, None, false force_timeout = int, None, false cache_credentials = bool, None, false store_legacy_passwords = bool, None, false use_fully_qualified_names = bool, None, false ignore_group_members = bool, None, false entry_cache_timeout = int, None, false lookup_family_order = str, None, false account_cache_expiration = int, None, false pwd_expiration_warning = int, None, false filter_users = list, str, false filter_groups = list, str, false dns_resolver_timeout = int, None, false dns_discovery_domain = str, None, false override_gid = int, None, false case_sensitive = bool, None, false override_homedir = str, None, false fallback_homedir = str, None, false override_shell = str, None, false #Entry cache timeouts entry_cache_user_timeout = int, None, false entry_cache_group_timeout = int, None, false entry_cache_netgroup_timeout = int, None, false entry_cache_service_timeout = int, None, false entry_cache_autofs_timeout = int, None, false entry_cache_sudo_timeout = int, None, false refresh_expired_interval = int, None, false # Special providers [provider/permit] [provider/permit/access] [provider/deny] [provider/deny/access]