sssd/sssd.conf.default

[sssd]
config_file_version = 2
# Number of times services should attempt to reconnect in the
# event of a crash or restart before they give up
reconnection_retries = 3
# if a backend is particularly slow you can raise this timeout here
sbus_timeout = 30
services = nss, dp, pam
; domains = LOCAL,LDAP
# SSSD will not start if you don't configure any domain.
# Add new domains condifgurations as [domain/<NAME>] sections.
# Then add the list of domains (in the order you want them to be
# queried in the 'domains" attribute above and uncomment it


[nss]
# the following prevents sssd for searching for the root user/group in
# all domains (you can add here a comma separated list of system accounts are
# always going to be /etc/passwd users, or that you want to filter out)
filter_groups = root
filter_users = root
reconnection_retries = 3

# The EntryCacheTimeout indicates the number of seconds to retain before
# an entry in cache is considered stale and must block to refresh.
# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
# wait before updating the cache out-of-band. (NSS requests will still
# be returned from cache until the full EntryCacheTimeout). Setting this
# value to 0 turns this feature off (default)
; entry_cache_timeout = 600
; entry_cache_nowait_timeout = 300

[pam]
reconnection_retries = 3

[dp]
reconnection_retries = 3

# Example LOCAL domain that stores all users natively in the SSSD internal
# directory. These local users and groups are not visibile in /etc/passwd, it
# now contains only root and system accounts.
; [domain/LOCAL]
; description = LOCAL Users domain
; id_provider = local
; enumerate = true
; min_id = 500
; max_id = 999

# Example native LDAP domain
; [domain/LDAP]
; id_provider = ldap
; auth_provider = ldap
; ldap_uri = ldap://ldap.mydomain.org
; ldap_user_search_base = dc=mydomain,dc=org
; ldap_tls_reqcert = demand
; cache_credentials = true
; enumerate = true
New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`[sssd]`
			`config_file_version = 2`
			`# Number of times services should attempt to reconnect in the`
			`# event of a crash or restart before they give up`
			`reconnection_retries = 3`
			`# if a backend is particularly slow you can raise this timeout here`
			`sbus_timeout = 30`
			`services = nss, dp, pam`
- Version 0.3.0 - Provides file based configuration and lots of improvements 2009-04-13 15:49:54 +00:00			`; domains = LOCAL,LDAP`
			`# SSSD will not start if you don't configure any domain.`
New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`# Add new domains condifgurations as [domain/<NAME>] sections.`
- Version 0.3.0 - Provides file based configuration and lots of improvements 2009-04-13 15:49:54 +00:00			`# Then add the list of domains (in the order you want them to be`
			`# queried in the 'domains" attribute above and uncomment it`


New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`[nss]`
			`# the following prevents sssd for searching for the root user/group in`
			`# all domains (you can add here a comma separated list of system accounts are`
			`# always going to be /etc/passwd users, or that you want to filter out)`
			`filter_groups = root`
			`filter_users = root`
			`reconnection_retries = 3`

			`# The EntryCacheTimeout indicates the number of seconds to retain before`
			`# an entry in cache is considered stale and must block to refresh.`
			`# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to`
			`# wait before updating the cache out-of-band. (NSS requests will still`
			`# be returned from cache until the full EntryCacheTimeout). Setting this`
			`# value to 0 turns this feature off (default)`
			`; entry_cache_timeout = 600`
			`; entry_cache_nowait_timeout = 300`
- Version 0.3.0 - Provides file based configuration and lots of improvements 2009-04-13 15:49:54 +00:00
New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`[pam]`
			`reconnection_retries = 3`

			`[dp]`
			`reconnection_retries = 3`
- Version 0.3.0 - Provides file based configuration and lots of improvements 2009-04-13 15:49:54 +00:00
			`# Example LOCAL domain that stores all users natively in the SSSD internal`
			`# directory. These local users and groups are not visibile in /etc/passwd, it`
			`# now contains only root and system accounts.`
New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`; [domain/LOCAL]`
- Version 0.3.0 - Provides file based configuration and lots of improvements 2009-04-13 15:49:54 +00:00			`; description = LOCAL Users domain`
New upstream release 0.6.0 2009-09-28 08:51:24 +00:00			`; id_provider = local`
			`; enumerate = true`
			`; min_id = 500`
			`; max_id = 999`

			`# Example native LDAP domain`
			`; [domain/LDAP]`
			`; id_provider = ldap`
			`; auth_provider = ldap`
			`; ldap_uri = ldap://ldap.mydomain.org`
			`; ldap_user_search_base = dc=mydomain,dc=org`
			`; ldap_tls_reqcert = demand`
			`; cache_credentials = true`
			`; enumerate = true`