Subversion Repositories configs

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
3 - 1
[sssd]
2
config_file_version = 2
3
services = nss, pam
4
# SSSD will not start if you do not configure any domains.
5
# Add new domain configurations as [domain/<NAME>] sections, and
6
# then add the list of domains (in the order you want them to be
7
# queried) to the "domains" attribute below and uncomment it.
8
; domains = LDAP
9
 
10
[nss]
11
 
12
[pam]
13
 
14
# Example LDAP domain
15
; [domain/LDAP]
16
; id_provider = ldap
17
; auth_provider = ldap
18
# ldap_schema can be set to "rfc2307", which stores group member names in the
19
# "memberuid" attribute, or to "rfc2307bis", which stores group member DNs in
20
# the "member" attribute. If you do not know this value, ask your LDAP
21
# administrator.
22
; ldap_schema = rfc2307
23
; ldap_uri = ldap://ldap.mydomain.org
24
; ldap_search_base = dc=mydomain,dc=org
25
# Note that enabling enumeration will have a moderate performance impact.
26
# Consequently, the default value for enumeration is FALSE.
27
# Refer to the sssd.conf man page for full details.
28
; enumerate = false
29
# Allow offline logins by locally storing password hashes (default: false).
30
; cache_credentials = true
31
 
32
# An example Active Directory domain. Please note that this configuration
33
# works for AD 2003R2 and AD 2008, because they use pretty much RFC2307bis
34
# compliant attribute names. To support UNIX clients with AD 2003 or older,
35
# you must install Microsoft Services For Unix and map LDAP attributes onto
36
# msSFU30* attribute names.
37
; [domain/AD]
38
; id_provider = ldap
39
; auth_provider = krb5
40
; chpass_provider = krb5
41
;
42
; ldap_uri = ldap://your.ad.example.com
43
; ldap_search_base = dc=example,dc=com
44
; ldap_schema = rfc2307bis
45
; ldap_sasl_mech = GSSAPI
46
; ldap_user_object_class = user
47
; ldap_group_object_class = group
48
; ldap_user_home_directory = unixHomeDirectory
49
; ldap_user_principal = userPrincipalName
50
; ldap_account_expire_policy = ad
51
; ldap_force_upper_case_realm = true
52
;
53
; krb5_server = your.ad.example.com
54
; krb5_realm = EXAMPLE.COM