SSSD Manual pages sssd-ipa 5 File Formats and Conventions sssd-ipa the configuration file for SSSD DESCRIPTION This manual page describes the configuration of the IPA Provider for sssd 8 . For a detailed syntax reference, please refer to the FILE FORMAT section of the sssd.conf 5 manual page The IPA provider is a backend useful to connect to an IPA server. (see freeipa.org for information about IPa servers). It requires that the machine has been joined to the IPA domain, and configuration is almost entirely self discovered and obtained directly from the server. CONFIGURATION OPTIONS sssd.conf 5 manual page, section DOMAIN SECTIONS for details on the configuration of a SSSD domain. ipa_domain (string) Specifies the name of the IPA domain. This is optional, if not provided the configuration domain name is used. ipa_server (string) The name of the IPA server. If autodiscovery is enabled this is optional. ipa_hostname (string) Optional. Maybe set on some machine where the hostname(5) does not reflect the fully qualified name used in the IPA domain to identify this host. krb5_ccachedir (string) Directory to store credential caches. Default: /tmp ipa_search_timeout (integer) Specifies the timeout (in seconds) after which a search against the ipa server is forcibly terminated. Default: 60 ipa_network_timeout (integer) Specifies the timeout (in seconds) after which the poll 2 / select 2 following a non-search operation against the ipa server is forcibly terminated. Default: 6 ipa_offline_timeout (integer) Specifies the "black-out" time before any new network operation is attempted after the ipa provider has turned into offline operation mode. Default: 60 EXAMPLE The following example assumes that SSSD is correctly configured and example.com is one of the domains in the [sssd] section. This examples shows only the ipa provider specific options. [domain/example.com] id_provider = ipa ipa_server = ipaserver.example.com ipa_hostname = myhost.example.com SEE ALSO sssd.conf5 , sssd8