diff options
Diffstat (limited to 'server/examples/sssd.conf')
| -rw-r--r-- | server/examples/sssd.conf | 81 |
1 files changed, 0 insertions, 81 deletions
diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf deleted file mode 100644 index 82c6d6b0..00000000 --- a/server/examples/sssd.conf +++ /dev/null @@ -1,81 +0,0 @@ -[sssd] -config_file_version = 2 -# Number of times services should attempt to reconnect in the -# event of a crash or restart before they give up -reconnection_retries = 3 -# if a backend is particularly slow you can raise this timeout here -sbus_timeout = 30 -services = nss, pam -; domains = LOCAL,LDAP -# SSSD will not start if you don't configure any domain. -# Add new domains condifgurations as [domain/<NAME>] sections. -# Then add the list of domains (in the order you want them to be -# queried in the 'domains" attribute above and uncomment it - - -[nss] -# the following prevents sssd for searching for the root user/group in -# all domains (you can add here a comma separated list of system accounts are -# always going to be /etc/passwd users, or that you want to filter out) -filter_groups = root -filter_users = root -reconnection_retries = 3 - -# The EntryCacheTimeout indicates the number of seconds to retain before -# an entry in cache is considered stale and must block to refresh. -# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to -# wait before updating the cache out-of-band. (NSS requests will still -# be returned from cache until the full EntryCacheTimeout). Setting this -# value to 0 turns this feature off (default) -; entry_cache_timeout = 600 -; entry_cache_nowait_timeout = 300 - -[pam] -reconnection_retries = 3 - -# Example LOCAL domain that stores all users natively in the SSSD internal -# directory. These local users and groups are not visibile in /etc/passwd, it -# now contains only root and system accounts. -; [domain/LOCAL] -; description = LOCAL Users domain -; id_provider = local -; enumerate = true -; min_id = 500 -; max_id = 999 - -# Example native LDAP domain -; [domain/LDAP] -; id_provider = ldap -; auth_provider = ldap -; ldap_uri = ldap://ldap.mydomain.org -; ldap_user_search_base = dc=mydomain,dc=org -; ldap_tls_reqcert = demand -; cache_credentials = true -; enumerate = true - -# Example LDAP domain where the LDAP server is an Active Directory server. - -; [domain/AD] -; description = LDAP domain with AD server -; enumerate = false -; min_id = 1000 -; -; id_provider = ldap -; auth_provider = ldap -; ldap_uri = ldap://your.ad.server.com -; ldap_schema = rfc2307bis -; ldap_user_search_base = cn=users,dc=example,dc=com -; ldap_group_search_base = cn=users,dc=example,dc=com -; ldap_default_bind_dn = cn=Administrator,cn=Users,dc=example,dc=com -; ldap_default_authtok_type = password -; ldap_default_authtok = YOUR_PASSWORD -; ldap_user_object_class = person -; ldap_user_name = msSFU30Name -; ldap_user_uid_number = msSFU30UidNumber -; ldap_user_gid_number = msSFU30GidNumber -; ldap_user_home_directory = msSFU30HomeDirectory -; ldap_user_shell = msSFU30LoginShell -; ldap_user_principal = userPrincipalName -; ldap_group_object_class = group -; ldap_group_name = msSFU30Name -; ldap_group_gid_number = msSFU30GidNumber |