42 lines
901 B
Django/Jinja
42 lines
901 B
Django/Jinja
[sssd]
|
|
services = nss, pam, sudo, ssh
|
|
domains = ldap
|
|
|
|
[nss]
|
|
#debug_level = 0x3ff0
|
|
|
|
[pam]
|
|
|
|
[domain/ldap]
|
|
#debug_level = 0x3ff0
|
|
id_provider = ldap
|
|
auth_provider = ldap
|
|
chpass_provider = ldap
|
|
sudo_provider = ldap
|
|
ldap_schema = rfc2307
|
|
ldap_uri = ldap://ldap.home.jthan.io
|
|
ldap_search_base = dc=ldap,dc=home,dc=jthan,dc=io
|
|
ldap_sudo_search_base = ou=SUDOers,dc=ldap,dc=home,dc=jthan,dc=io
|
|
ldap_id_use_start_tls = true
|
|
ldap_tls_reqcert = demand
|
|
ldap_user_object_class = posixAccount
|
|
ldap_group_object_class = posixGroup
|
|
ldap_user_uid_number = uidNumber
|
|
ldap_user_gid_number = gidNumber
|
|
ldap_user_home_directory = homeDirectory
|
|
ldap_user_shell = loginShell
|
|
ldap_user_ssh_public_key = sshPublicKey
|
|
|
|
cache_credentials = true
|
|
enumerate = false
|
|
|
|
# Access control (optional)
|
|
# ldap_access_filter = (memberOf=cn=linux-users,ou=groups,dc=example,dc=com)
|
|
|
|
[sudo]
|
|
#debug_level = 0x3ff0
|
|
|
|
[ssh]
|
|
#debug_level = 0x3ff0
|
|
|