[sssd]
config_file_version = 2
services = nss, pam, sudo
domains = LDAP

[nss]

[sudo]

[pam]
pam_verbosity=2
pam_account_locked_message = Hesap Kilitli
offline_credentials_expiration = 90

[domain/LDAP]
debug_level = 9
id_provider = ldap
auth_provider = ldap
access_provider = ldap
#ldap_access_filter = (employeeType=admin)
ldap_access_order = ppolicy
pam_verbosity=2
###ldap_pwdlockout_dn###
ldap_schema = rfc2307
###ldap_uri###
###ldap_default_bind_dn###
###ldap_default_authtok###
ldap_default_authtok_type = password
###ldap_search_base###
###ldap_user_search_base###
###ldap_group_search_base###
ldap_user_object_class = posixAccount
ldap_user_gecos = cn
ldap_tls_reqcert = never
ldap_auth_disable_tls_never_use_in_production = true
override_shell = /bin/bash
enumerate = true
cache_credentials = true
sudo_provider = ldap
###ldap_sudo_search_base###
###90 days
ldap_sudo_full_refresh_interval=7776000
###30 days
ldap_sudo_smart_refresh_interval=2592000
enumerate = false