2021-03-26 15:31:05 +03:00
|
|
|
[nss]
|
|
|
|
filter_groups = root,adm
|
|
|
|
filter_users = root,adm
|
|
|
|
reconnection_retries = 3
|
|
|
|
|
|
|
|
[pam]
|
|
|
|
reconnection_retries = 3
|
|
|
|
|
|
|
|
[sssd]
|
|
|
|
###domains###
|
|
|
|
config_file_version = 2
|
|
|
|
services = nss, pam
|
|
|
|
|
|
|
|
###[domain/###
|
2022-12-27 10:32:14 +03:00
|
|
|
###ad_server###
|
2021-03-26 15:31:05 +03:00
|
|
|
###krb5_realm###
|
|
|
|
realmd_tags = manages-system joined-with-adcli
|
|
|
|
cache_credentials = True
|
|
|
|
id_provider = ad
|
|
|
|
krb5_store_password_if_offline = True
|
|
|
|
default_shell = /bin/bash
|
|
|
|
ldap_id_mapping = True
|
|
|
|
use_fully_qualified_names = False
|
|
|
|
fallback_homedir = /home/%u
|
|
|
|
access_provider = ad
|
|
|
|
ad_gpo_access_control = permissive
|
|
|
|
ad_gpo_ignore_unreadable = true
|
|
|
|
enumerate = true
|
|
|
|
auth_provider = ad
|
|
|
|
chpass_provider = ad
|
|
|
|
dyndns_update = true
|
|
|
|
dyndns_update_ptr = false
|
|
|
|
###ad_hostname###
|
|
|
|
ldap_schema = ad
|
|
|
|
ldap_sasl_mech = gssapi
|
|
|
|
ldap_krb5_init_creds = true
|