forked from infra/ansible
24 lines
620 B
Plaintext
24 lines
620 B
Plaintext
|
[sssd]
|
||
|
config_file_version = 2
|
||
|
domains = binary-kitchen.de
|
||
|
|
||
|
[domain/binary-kitchen.de]
|
||
|
auth_provider = ldap
|
||
|
chpass_provider = ldap
|
||
|
id_provider = ldap
|
||
|
cache_credentials = false
|
||
|
case_sensitive = true
|
||
|
enumerate = false
|
||
|
min_id = 10000
|
||
|
ldap_schema = rfc2307bis
|
||
|
ldap_default_authtok_type = password
|
||
|
ldap_default_bind_dn = {{ ldap_binddn }}
|
||
|
ldap_default_authtok = {{ ldap_bindpw }}
|
||
|
ldap_uri = {{ ldap_uri }}
|
||
|
ldap_search_base = {{ ldap_base }}
|
||
|
ldap_user_search_base = {{ sssd_base_user }}
|
||
|
ldap_group_search_base = {{ sssd_base_group }}
|
||
|
ldap_id_use_start_tls = true
|
||
|
ldap_tls_reqcert = demand
|
||
|
ldap_tls_cacertdir = /etc/ssl/certs
|