summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarko Myllynen <myllynen@redhat.com>2011-10-14 17:10:09 +0300
committerStephen Gallagher <sgallagh@redhat.com>2011-10-14 14:31:33 -0400
commit84528f28d2cd07d41479a73cb179b447fcb147ce (patch)
tree1db60db40becc1ce4ba8b788b5fda16efa701cde
parentf444a4dd113bb7af99f6a51715da868493501f69 (diff)
downloadsssd_unused-84528f28d2cd07d41479a73cb179b447fcb147ce.zip
sssd_unused-84528f28d2cd07d41479a73cb179b447fcb147ce.tar.gz
sssd_unused-84528f28d2cd07d41479a73cb179b447fcb147ce.tar.xz
Update sssd-example.confsssd-1.5.1-58.el6
Mention cache_credentials and tweak the AD example to match the wiki page. https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server
-rw-r--r--src/examples/sssd.conf9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf
index b18c404..59df416 100644
--- a/src/examples/sssd.conf
+++ b/src/examples/sssd.conf
@@ -26,6 +26,8 @@ services = nss, pam
# Consequently, the default value for enumeration is FALSE.
# Refer to the sssd.conf man page for full details.
; enumerate = false
+# Allow offline logins by locally storing password hashes (default: false).
+; cache_credentials = true
# An example Active Directory domain. Please note that this configuration
# works for AD 2003R2 and AD 2008, because they use pretty much RFC2307bis
@@ -39,13 +41,14 @@ services = nss, pam
;
; ldap_uri = ldap://your.ad.example.com
; ldap_search_base = dc=example,dc=com
+; ldap_schema = rfc2307bis
; ldap_sasl_mech = GSSAPI
-; ldap_sasl_authid = hostname$@EXAMPLE.COM
; ldap_user_object_class = user
; ldap_group_object_class = group
; ldap_user_home_directory = unixHomeDirectory
-; ldap_schema = rfc2307bis
-; ldap_force_upper_case_realm = True
+; ldap_user_principal = userPrincipalName
+; ldap_account_expire_policy = ad
+; ldap_force_upper_case_realm = true
;
; krb5_server = your.ad.example.com
; krb5_realm = EXAMPLE.COM