summaryrefslogtreecommitdiffstats
path: root/src/config/testconfigs/sssd-noversion.conf
blob: d5f524d268dd43825364a4b464909cf1b9441646 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
[nss]
nss_filter_groups = root
nss_entry_negative_timeout = 15
debug_level = 0
nss_filter_users_in_groups = true
nss_filter_users = root
nss_entry_cache_no_wait_timeout = 60
nss_entry_cache_timeout = 600
nss_enum_cache_timeout = 120

[sssd]
services = nss, pam
reconnection_retries = 3
domains = LOCAL, IPA

[domain/PROXY]
id_provider = proxy
auth_provider = proxy
debug_level = 0

[domain/IPA]
id_provider = ldap
auth_provider = krb5
debug_level = 0

[domain/LOCAL]
id_provider = local
auth_provider = local
debug_level = 0

[domain/LDAP]
id_provider = ldap
auth_provider = ldap
debug_level = 0

[pam]
debug_level = 0

[dp]
debug_level = 0

[domain/ad.example.com]
cache_credentials = true

id_provider = ad
auth_provider = ad
access_provider = ad

# Uncomment if service discovery is not working
# ad_server = server.ad.example.com

# Uncomment if you want to use POSIX UIDs and GIDs set on the AD side
# ldap_id_mapping = False

# Comment out if the users have the shell and home dir set on the AD side
default_shell = /bin/bash
fallback_homedir = /home/%d/%u

# Uncomment and adjust if the default principal SHORTNAME$@REALM is not available
# ldap_sasl_authid = host/client.ad.example.com@AD.EXAMPLE.COM

# Comment out if you prefer to user shortnames.
use_fully_qualified_names = True