summaryrefslogtreecommitdiff
path: root/server/examples
AgeCommit message (Collapse)AuthorFilesLines
2009-09-25Convert the example config to v2 format, upgrade config on update onlyJakub Hrozek1-76/+56
2009-09-23Remove provider=filesJakub Hrozek2-22/+0
Remove this provider type, as well as any references in the docs and examples to the "LEGACYLOCAL" migration domain. Fixes: #165
2009-09-11Update documentation and examplesSimo Sorce1-3/+1
Remove the "legacy" option from examples and man pages. Legacy is is finally R.I.P Add docs for ldapSchema in sssd-ldap man page.
2009-09-11Small changes to the example config and manpageJakub Hrozek1-6/+4
Remove magicPrivateGroups since it's set automatically, use bool values for enumerate. Also add a notice about krb5 auth-module with a link to specialized manpage to sssd.conf(5) similar to what we have for ldap auth-module. Move both outside proxy domain description.
2009-09-09Add support for the EntryCacheNoWaitRefreshTimeoutStephen Gallagher1-0/+9
This timeout specifies the lifetime of a cache entry before it is updated out-of-band. When this timeout is hit, the request will still complete from cache, but the SSSD will also go and update the cached entry in the background to extend the life of the cache entry and reduce the wait time of a future request.
2009-08-21extended the documentation of LDAP backendSumit Bose1-0/+26
Added man pages sections about user and group attribute mapping. Added an example configuration to access an AD server.
2009-08-13Make "files" a reserved word for legacy local domainJakub Hrozek1-2/+1
This patch introduces provider=files as a valid provider. Upon loading the backend, its properties in confdb are overwritten to those that represent legacy local domain. Also document this in sssd.conf(5) and example config
2009-06-30Remove redundant libPath option from proxy providerStephen Gallagher1-2/+0
The libPath should be constructed from the libName. There is no benefit to specifying it separately.
2009-05-15Treat the local provider as a special caseStephen Gallagher1-0/+1
The local provider needs no backend, so we'll create a special provider entry for it called "local" that will not attempt to retrieve provider configuration but will remain in the service list so it can be updated when the config file changes.
2009-04-14Make reconnection to the Data Provider a global settingStephen Gallagher1-0/+3
Previously, every DP client was allowed to set its own "retries" option. This option was ambiguous, and useless. All DP clients will now use a global option set in the services config called "reconnection_retries"
2009-04-14Replace the example sssd.conf file with the one used in FedoraStephen Gallagher1-32/+71
Also remove the [services/infopipe] section, since we're not shipping InfoPipe yet, and that would be confusing.
2009-04-13Fix a couple of segfaults and timeout checksSimo Sorce1-1/+0
2009-04-13Implement credentials caching in pam responder.Simo Sorce2-11/+3
Implement credentials caching in pam responder. Currently works only for the proxy backend. Also cleanup pam responder code and mode common code in data provider. (the data provider should never include responder private headers)
2009-04-13Allow configuration of the SSSD through /etc/sssd/sssd.confStephen Gallagher3-159/+51
The SSSD now links with the ini_config and collection libraries in the common directory. The monitor will track changes to the /etc/sssd/sssd.conf file using inotify on platforms that support it, or polled every 5 seconds on platforms that do not. At startup or modification of the conf file, the monitor will purge the existing confdb and reread it completely from the conf file, to ensure that there are no lingering entries. It does this in a transaction, so there should be no race condition with the client services. A new option has been added to the startup options for the SSSD. It is now possible to specify an alternate config file with the -c <file> at the command line.
2009-04-08Change the way we retrieve domainsSimo Sorce1-0/+1
To be able to correctly filter out duplicate names when multiple non-fully qualified domains are in use we need to be able to specify the domains order. This is now accomplished by the configuration paramets 'domains' in the config/domains entry. 'domains' is a comma separated list of domain names. This paramter allows also to have disbaled domains in the configuration without requiring to completely delete them. The domains list is now kept in a linked list of sss_domain_info objects. The first domain is also the "default" domain.
2009-04-07Split modules types in Identity and AuthenticatorSimo Sorce4-21/+53
The same module may implement both types, but initializatrion will be nonetheless performed separately, once for the identity module and once for the authenticator module. Also change the proxy module to retireve the pam target name from the domain configuration so that it is possibile to create per-domain pam stacks. With this modification it is actually possibile to use normal nss and pam modules to perform a successful authentication (tested only with sudo so far) Update exmples.
2009-03-06added PAM default configuration to confdb_init_dbSumit Bose1-1/+1
set default value of enumerate in LOCAL domain to 1 added checks to talloc_asprintf return values fixed InfoPipe defaults
2009-02-25Adding InfoPipe entry to config.ldif exampleStephen Gallagher1-0/+6
Also updating the .gitignore file to not ignore config.ldif Signed-off-by: Simo Sorce <ssorce@redhat.com>
2009-02-25added more ldap backend options and an example configurationSumit Bose1-0/+15
Signed-off-by: Simo Sorce <ssorce@redhat.com>
2009-02-20Change examples accordingly to changes in the codeSimo Sorce2-7/+10
2009-02-13Always pass teh database path explicitly, so that test cases can useSimo Sorce1-0/+1
throw away databases Check version and init main db if empty
2009-02-12Add indexes and attribute types for common attributesSimo Sorce1-0/+18
2009-01-28Add comments on how memberof works.Simo Sorce1-1/+1
Enable memberof by default in the default db example
2009-01-12Regroup database rleated functions under db andSimo Sorce2-11/+11
rename everything with the sysdb suffix.
2009-01-11Use a unified base (temp. dc=sssd), for all domain including LOCAL.Simo Sorce2-13/+17
It makes no sense to have internal attribute names user configurable, remove that option and use macros internally. Also now always pass the domain name to all nss_ldb_* calls.
2009-01-11Turn ldap_provider.c into proxy.c and make it possible to load just anySimo Sorce1-0/+3
libnss library through config directives on the domain object
2009-01-07Add current test ldap provider configuration example.Simo Sorce1-0/+7
It is a bit inconsistent with the existing EXAMPLE, will fix later
2008-11-25Make a binary out of each major sssd component instead ofSimo Sorce1-2/+2
using the same binary to fork off all services.
2008-11-21Update example configSimo Sorce1-0/+2
2008-11-20Update config example with data providerSimo Sorce1-0/+5
2008-11-07Store all domains served by the SSSD to a binary-tree map for fast NSS lookup.Stephen Gallagher1-0/+18
Changed the "section" feature of confdb.c to use '/' as a delimiter instead of '.', because this conflicted with the ability to use dots in domain names.
2008-11-05Update config.ldif exampleSimo Sorce1-0/+6
2008-10-21Make return the pid when new process are started.Simo Sorce1-1/+1
Monitor each service and restart it conditionally if it fails. These monitoring is extremely simple at this moment and just uses waitpid() to check if the client is alive, there is no active probing, that will require dbus. Make nsssrv.c read the sss pipe config option for the config db.
2008-10-21Add example ldifs to bootstrap the serverSimo Sorce2-0/+62