38 lines
1.1 KiB
Text
38 lines
1.1 KiB
Text
[domain/skynet.ie]
|
|
id_provider = ldap
|
|
auth_provider = ldap
|
|
sudo_provider = ldap
|
|
|
|
ldap_uri = ldap://account.skynet.ie:389
|
|
|
|
ldap_search_base = dc=skynet,dc=ie
|
|
# thank ye https://medium.com/techish-cloud/linux-user-ssh-authentication-with-sssd-ldap-without-joining-domain-9151396d967d
|
|
ldap_user_search_base = ou=users,dc=skynet,dc=ie?sub?(|(skMemberOf=cn=skynet-admins-linux,ou=groups,dc=skynet,dc=ie)(skMemberOf=cn=skynet-trainees-linux,ou=groups,dc=skynet,dc=ie)(skMemberOf=cn=skynet-admins,ou=groups,dc=skynet,dc=ie))
|
|
ldap_group_search_base = ou=groups,dc=skynet,dc=ie
|
|
# using commas from https://support.hpe.com/hpesc/public/docDisplay?docId=c02793175&docLocale=en_US
|
|
ldap_sudo_search_base, cn=skynet-admins-linux,ou=groups,dc=skynet,dc=ie, cn=skynet-trainees-linux,ou=groups,dc=skynet,dc=ie
|
|
|
|
ldap_group_nesting_level = 5
|
|
|
|
cache_credentials = false
|
|
entry_cache_timeout = 1
|
|
|
|
ldap_user_member_of = skMemberOf
|
|
|
|
override_shell = /bin/bash
|
|
#ldap_library_debug_level = -1
|
|
ldap_scheme= rfc2307bis
|
|
|
|
[sssd]
|
|
config_file_version = 2
|
|
services = nss, pam, sudo, ssh
|
|
domains = skynet.ie
|
|
|
|
[nss]
|
|
# override_homedir = /home/%u
|
|
|
|
[pam]
|
|
|
|
[sudo]
|
|
|
|
[autofs]
|