2: 2021-06-26 (土) 16:46:21 iseki  |
現: 2021-06-29 (火) 14:28:39 iseki |
| | *** /etc/sssd/sssd.conf [#w9aa30ce] | | *** /etc/sssd/sssd.conf [#w9aa30ce] |
| - | | |
| | - [[SSSD>sssd]] の設定ファイル | | - [[SSSD>sssd]] の設定ファイル |
| - | - LDAP を使用する場合 | + | - パーミッションは ''-rw------- 1 root root'' である必要がある. |
| | + | |
| | + | #br |
| | | | |
| | + | **** LDAP を使用する場合 [#yb4a059d] |
| | [sssd] | | [sssd] |
| | debug_level = 0 | | debug_level = 0 |
| | services = nss, sudo, pam, autofs, ssh | | services = nss, sudo, pam, autofs, ssh |
| | domains = default [domain/default] を指す | | domains = default [domain/default] を指す |
| | + | |
| | [domain/default] | | [domain/default] |
| | enumerate = true getent passwd がSSSDを見るようにするのに必要 | | enumerate = true getent passwd がSSSDを見るようにするのに必要 |
| | auth_provider = ldap | | auth_provider = ldap |
| | #access_provider = permit | | #access_provider = permit |
| | + | |
| | chpass_provider = ldap | | chpass_provider = ldap |
| | sudo_provider = ldap | | sudo_provider = ldap |
| | #cache_credentials = False キャッシュしない | | #cache_credentials = False キャッシュしない |
| | ldap_tls_reqcert = never サーバ証明書をチェックしない | | ldap_tls_reqcert = never サーバ証明書をチェックしない |
| | + | |
| | ldap_default_bind_dn = cn=Manager | | ldap_default_bind_dn = cn=Manager |
| | ldap_default_authtok = ****** | | ldap_default_authtok = ****** |
| | + | |
| | #ldap_tls_cacertdir = /etc/openldap/cacerts | | #ldap_tls_cacertdir = /etc/openldap/cacerts |
| | autofs_provider = ldap | | autofs_provider = ldap |
| | + | |
| | [nss] | | [nss] |
| | homedir_substring = /home | | homedir_substring = /home |
| | entry_negative_timeout = 20 | | entry_negative_timeout = 20 |
| | entry_cache_nowait_percentage = 50 | | entry_cache_nowait_percentage = 50 |
| | + | |
| | [pam] | | [pam] |
| | + | |
| | [sudo] | | [sudo] |
| | + | |
| | [autofs] | | [autofs] |
| | + | |
| | [ssh] | | [ssh] |
| | + | |
| | [pac] | | [pac] |
