1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
# Format:
# option = type, subtype, mandatory[, default]
[service]
# Options available to all services
debug_level = int, None, false
debug_timestamps = bool, None, false
debug_microseconds = bool, None, false
debug_to_files = bool, None, false
command = str, None, false
reconnection_retries = int, None, false
fd_limit = int, None, false
client_idle_timeout = int, None, false
force_timeout = int, None, false
description = str, None, false
[sssd]
# Monitor service
services = list, str, true, nss, pam
domains = list, str, true
timeout = int, None, false
sbus_timeout = int, None, false
re_expression = str, None, false
full_name_format = str, None, false
krb5_rcache_dir = str, None, false
default_domain_suffix = str, None, false
[nss]
# Name service
enum_cache_timeout = int, None, false
entry_cache_nowait_percentage = int, None, false
entry_negative_timeout = int, None, false
filter_users = list, str, false
filter_groups = list, str, false
filter_users_in_groups = bool, None, false
pwfield = str, None, false
override_homedir = str, None, false
fallback_homedir = str, None, false
override_shell = str, None, false
allowed_shells = list, str, false
vetoed_shells = list, str, false
shell_fallback = str, None, false
default_shell = str, None, false
get_domains_timeout = int, None, false
memcache_timeout = int, None, false
[pam]
# Authentication service
offline_credentials_expiration = int, None, false
offline_failed_login_attempts = int, None, false
offline_failed_login_delay = int, None, false
pam_verbosity = int, None, false
pam_id_timeout = int, None, false
pam_pwd_expiration_warning = int, None, false
get_domains_timeout = int, None, false
[sudo]
# sudo service
sudo_timed = bool, None, false
[autofs]
# autofs service
autofs_negative_timeout = int, None, false
[ssh]
# ssh service
ssh_hash_known_hosts = bool, None, false
ssh_known_hosts_timeout = int, None, false
[pac]
# PAC responder
allowed_uids = str, None, false
[provider]
#Available provider types
id_provider = str, None, true
auth_provider = str, None, false
access_provider = str, None, false
chpass_provider = str, None, false
sudo_provider = str, None, false
autofs_provider = str, None, false
session_provider = str, None, false
hostid_provider = str, None, false
subdomains_provider = str, None, false
[domain]
# Options available to all domains
description = str, None, false
debug_level = int, None, false
debug_timestamps = bool, None, false
command = str, None, false
min_id = int, None, false
max_id = int, None, false
timeout = int, None, false
try_inotify = bool, None, false
enumerate = bool, None, false
subdomain_enumerate = str, None, false
force_timeout = int, None, false
cache_credentials = bool, None, false
store_legacy_passwords = bool, None, false
use_fully_qualified_names = bool, None, false
ignore_group_members = bool, None, false
entry_cache_timeout = int, None, false
lookup_family_order = str, None, false
account_cache_expiration = int, None, false
pwd_expiration_warning = int, None, false
filter_users = list, str, false
filter_groups = list, str, false
dns_resolver_timeout = int, None, false
dns_discovery_domain = str, None, false
override_gid = int, None, false
case_sensitive = bool, None, false
override_homedir = str, None, false
fallback_homedir = str, None, false
override_shell = str, None, false
default_shell = str, None, false
description = str, None, false
realmd_tags = str, None, false
subdomain_refresh_interval = int, None, false
#Entry cache timeouts
entry_cache_user_timeout = int, None, false
entry_cache_group_timeout = int, None, false
entry_cache_netgroup_timeout = int, None, false
entry_cache_service_timeout = int, None, false
entry_cache_autofs_timeout = int, None, false
entry_cache_sudo_timeout = int, None, false
refresh_expired_interval = int, None, false
# Dynamic DNS updates
dyndns_update = bool, None, false
dyndns_ttl = int, None, false
dyndns_iface = str, None, false
dyndns_refresh_interval = int, None, false
dyndns_update_ptr = bool, None, false
dyndns_force_tcp = bool, None, false
dyndns_auth = str, None, false
# Special providers
[provider/permit]
[provider/permit/access]
[provider/deny]
[provider/deny/access]
|
