Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # sssd.conf
- [domain/default]
- ldap_id_use_start_tls = False
- ldap_schema = rfc2307bis
- ldap_search_base = dc=ad,dc=blahblah,dc=com
- krb5_realm = AD.BLAHBLAH.COM
- krb5_server = dc1.ad.blahblah.com,dc2.ad.blahblah.com
- id_provider = ldap
- auth_provider = ldap
- chpass_provider = ldap
- ldap_uri = ldap://dc1.ad.blahblah.com,ldap://dc2.ad.blahblah.com
- krb5_kdcip = dc1.ad.blahblah.com,dc2.ad.blahblah.com
- cache_credentials = True
- ldap_tls_cacertdir = /etc/openldap/cacerts
- ldap_tls_reqcert = never
- ldap_force_upper_case_realm = True
- ldap_user_object_class = person
- ldap_group_object_class = group
- ldap_user_gecos = displayName
- ldap_user_home_directory = unixHomeDirectory
- ldap_default_bind_dn = ldap-bind@ad.blahblah.com
- ldap_default_authtok_type = password
- ldap_default_authtok = Not!Brazzers!!
- override_shell = /bin/bash
- [sssd]
- services = nss, pam
- config_file_version = 2
- domains = default
- [nss]
- filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd,vsifax,orca,newrelic,admin,pe-puppet
- [pam]
- [sudo]
- [autofs]
- [ssh]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement