mirror of
https://github.com/lldap/lldap.git
synced 2026-04-05 14:48:10 +00:00
1f89059c84
* example_config: moving nslcd old guide to NSLCD.md * example_config: creating README for SSSD * example_config: creating sssd.conf * example_config: removing explicit links and adding a reference to the old NSLCD guide * example_config: fixing images in pam README * example_config: add how to enable automatic home directory creation * example_config: fixing typo in command to edit ssh config * example_config: using commments instead of line numbers for the example sssd.conf file --------- Co-authored-by: nitnelave <valentin@tolmer.fr>
55 lines
1.3 KiB
Plaintext
55 lines
1.3 KiB
Plaintext
[sssd]
|
|
config_file_version = 2
|
|
# Change the domain below. It must match with the one in the [domain/] part
|
|
domains = example.com
|
|
|
|
[nss]
|
|
|
|
[pam]
|
|
|
|
# Put the same domain here
|
|
[domain/example.com]
|
|
id_provider = ldap
|
|
auth_provider = ldap
|
|
chpass_provider = ldap
|
|
ldap_schema = rfc2307
|
|
# Place your LDAP server url here
|
|
ldap_uri = ldaps://lldap.example.com:6360/
|
|
# Put your LDAP dc here
|
|
ldap_search_base = dc=example,dc=com
|
|
|
|
# Bind credentials
|
|
# Bind user username (Should be in group lldap_strict_readonly)
|
|
ldap_default_bind_dn = uid=binduser,ou=people,dc=example,dc=com
|
|
# Bind user password
|
|
ldap_default_authtok = bindpassword
|
|
|
|
# TLS settings
|
|
ldap_tls_reqcert = demand
|
|
# Put the certificate you generate for LDAPS here
|
|
ldap_tls_cacert = YOUR-LDAP-CERT
|
|
|
|
# User mappings
|
|
# Put your LDAP dc here
|
|
ldap_user_search_base = ou=people,dc=example,dc=com
|
|
ldap_user_object_class = posixAccount
|
|
ldap_user_name = uid
|
|
ldap_user_gecos = uid
|
|
ldap_user_uid_number = uidNumber
|
|
ldap_user_gid_number = gidNumber
|
|
ldap_user_home_directory = homeDirectory
|
|
ldap_user_shell = unixShell
|
|
|
|
# Uncomment for SSH Key Sync setup
|
|
#ldap_user_ssh_public_key = sshPublicKey
|
|
|
|
# Group mappings
|
|
# Put your LDAP dc here
|
|
ldap_group_search_base = ou=groups,dc=example,dc=com
|
|
ldap_group_object_class = groupOfUniqueNames
|
|
ldap_group_name = cn
|
|
ldap_group_member = uniqueMember
|
|
|
|
access_provider = permit
|
|
cache_credentials = true
|