1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
# Format:
# option = type, subtype, mandatory[, default]
[service]
# Options available to all services
debug_level = int, None, false
debug_timestamps = bool, None, false
debug_to_files = bool, None, false
command = str, None, false
reconnection_retries = int, None, false
[sssd]
# Monitor service
services = list, str, true, nss, pam
domains = list, str, true
timeout = int, None, false
sbus_timeout = int, None, false
re_expression = str, None, false
full_name_format = str, None, false
[nss]
# Name service
enum_cache_timeout = int, None, false
entry_cache_no_wait_percentage = int, None, false
entry_negative_timeout = int, None, false
filter_users = list, str, false
filter_groups = list, str, false
filter_users_in_groups = bool, None, false
pwfield = str, None, false
[pam]
# Authentication service
offline_credentials_expiration = int, None, false
offline_failed_login_attempts = int, None, false
offline_failed_login_delay = int, None, false
[provider]
#Available provider types
id_provider = str, None, true
auth_provider = str, None, true
access_provider = str, None, false
chpass_provider = str, None, false
[domain]
# Options available to all domains
debug_level = int, None, false, 0
debug_timestamps = bool, None, false
command = str, None, false
min_id = int, None, false
max_id = int, None, false
timeout = int, None, false
enumerate = bool, None, false
cache_credentials = bool, None, true, false
store_legacy_passwords = bool, None, false
use_fully_qualified_names = bool, None, false
entry_cache_timeout = int, None, false
lookup_family_order = str, None, false
account_cache_expiration = int, None, false
filter_users = list, str, false
filter_groups = list, str, false
dns_resolver_timeout = int, None, false
dns_discovery_domain = str, None, false
# Special providers
[provider/permit]
[provider/permit/access]
[provider/deny]
[provider/deny/access]
|