initial commit: migrate all `MatthieuCoder/pantheon-ansible` files to the oss repo

author: Matthieu Pignolet <m@mpgn.dev> 2025-03-17 14:18:03 +0400
committer: Matthieu Pignolet <m@mpgn.dev> 2025-03-17 14:18:03 +0400
commit: 5098223d5c81fac49ded8e555ba629281b06d425 (patch)
tree: 451988b8a7287735ac98704c5f2b1783fd837666 /templates/etc/sssd/sssd.conf.j2
parent: 63efaaf0ba315a9af837d9e9016d331a1327e5e5 (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/templates/etc/sssd/sssd.conf.j2 b/templates/etc/sssd/sssd.conf.j2
new file mode 100644
index 0000000..9dbdfbb
--- /dev/null
+++ b/templates/etc/sssd/sssd.conf.j2
@@ -0,0 +1,39 @@
+[sssd]
+config_file_version = 2
+domains = lab.mpgn.dev
+services = nss, pam, autofs, sudo
+full_name_format = %1$s
+
+[nss]
+
+[pam]
+
+[sudo]
+
+[domain/lab.mpgn.dev]
+id_provider = ldap
+auth_provider = krb5
+sudo_provider = ldap
+chpass_provider = krb5
+resolver_provider = ldap
+
+cache_credentials = True
+ldap_uri = ldaps://ldap.lab.mpgn.dev
+ldap_search_base = dc=lab,dc=mpgn,dc=dev
+ldap_sasl_mech = gssapi
+
+ldap_user_search_base = ou=users,dc=lab,dc=mpgn,dc=dev
+ldap_group_search_base = ou=groups,dc=lab,dc=mpgn,dc=dev
+ldap_group_nesting_level = 10
+ldap_sudo_search_base = ou=sudo,dc=lab,dc=mpgn,dc=dev
+
+krb5_server = ldap.lab.mpgn.dev
+krb5_kpasswd = ldap.lab.mpgn.dev
+krb5_realm = LAB.MPGN.DEV
+
+access_provider = permit
+krb5_validate = True
+override_homedir = /home/%u
+default_shell = /bin/bash
+
+enumerate = true
author	Matthieu Pignolet <m@mpgn.dev>	2025-03-17 14:18:03 +0400
committer	Matthieu Pignolet <m@mpgn.dev>	2025-03-17 14:18:03 +0400
commit	5098223d5c81fac49ded8e555ba629281b06d425 (patch)
tree	451988b8a7287735ac98704c5f2b1783fd837666 /templates/etc/sssd/sssd.conf.j2
parent	63efaaf0ba315a9af837d9e9016d331a1327e5e5 (diff)