sssd.conf revision 2a2f38ef88d78a36da6692d9c9a5af670d517a8e
[sssd]
# Number of times services should attempt to reconnect in the
# event of a crash or restart before they give up
# if a backend is particularly slow you can raise this timeout here
sbus_timeout = 30
# SSSD will not start if you don't configure any domain.
# Add new domains condifgurations as [domain/<NAME>] sections.
# Then add the list of domains (in the order you want them to be
# queried in the 'domains" attribute above and uncomment it
[nss]
# all domains (you can add here a comma separated list of system accounts are
# The EntryCacheTimeout indicates the number of seconds to retain before
# an entry in cache is considered stale and must block to refresh.
# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
# wait before updating the cache out-of-band. (NSS requests will still
# be returned from cache until the full EntryCacheTimeout). Setting this
# value to 0 turns this feature off (default)
; entry_cache_timeout = 600
; entry_cache_nowait_timeout = 300
[pam]
# Example LOCAL domain that stores all users natively in the SSSD internal
# now contains only root and system accounts.
; id_provider = local
; enumerate = true
; min_id = 500
; max_id = 999
# Example native LDAP domain
# ldap_schema can be set to 'rfc2307', which uses the 'memberuid' attribute
# for group membership, or to 'rfc2307bis', which uses the 'member' attribute
# to denote group membership. Changes to this setting affects only how we
# determine the groups a user belongs to and will have no negative effect on
# data about the user itself. If you do not know this value, ask an
# administrator.
; id_provider = ldap
; auth_provider = ldap
; ldap_schema = rfc2307
; cache_credentials = true
; enumerate = true
# Example LDAP domain where the LDAP server is an Active Directory server.
; enumerate = false
; min_id = 1000
;
; id_provider = ldap
; auth_provider = ldap