aboutsummaryrefslogtreecommitdiff
path: root/company/ad-templates/sssd.conf.FreeBSD
blob: 2be88fe4c7d0125c85b3886e74ca8f4913c07e5c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Ansible-controlled filename: /etc/sssd/sssd.conf
# Source: ansible sssd.conf.FreeBSD
# Date: 2016-03-04
# Reference: Building the Centos 7 Template.docx
# NOTE: This file is managed via Ansible: manual changes will be lost

[domain/default]
autofs_provider = ldap
cache_credentials = True
krb5_realm = EXAMPLE.COM
ldap_search_base = dc=example,dc=com
krb5_server = dc1.example.com,dc2.example.com,dc3.example.com,dc4.example.com
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
krb5_store_password_if_offline = True
ldap_uri = ldap://example.com
krb5_kpasswd = dc1.example.com,dc2.example.com,dc3.example.com,dc4.example.com
ldap_tls_cacertdir = /etc/openldap/cacerts

[sssd]
domains = default, example.com
config_file_version = 2
services = nss, pam

[domain/example.com]
ad_domain = example.com
krb5_realm = EXAMPLE.COM
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = False
fallback_homedir = /home/%d/%u
access_provider = ad
ad_access_filter = (&(memberOf=CN=Linux-Server-Access_grp,OU=Linux-Access,OU=Accounts-Groups,DC=example,DC=com)(unixHomeDirectory=*))
simple_allow_users = Bgstack15, bgstack15, User16, user16
case_sensitive = true
ad_gpo_access_control = disabled
bgstack15