Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 829727 Details for
Bug 1034937
login through GDM does not create kerberos tkt On 5.10 client
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
sssd.conf
file_1034937.txt (text/plain), 2.33 KB, created by
Xiyang Dong
on 2013-11-27 13:13:56 UTC
(
hide
)
Description:
sssd.conf
Filename:
MIME Type:
Creator:
Xiyang Dong
Created:
2013-11-27 13:13:56 UTC
Size:
2.33 KB
patch
obsolete
>[root@c510 ~]# cat /etc/sssd/sssd.conf >[sssd] >config_file_version = 2 >services = nss, pam >debug_level = 9 ># SSSD will not start if you do not configure any domains. ># Add new domain configurations as [domain/<NAME>] sections, and ># then add the list of domains (in the order you want them to be ># queried) to the "domains" attribute below and uncomment it. ># domains = LDAP > >domains = testrelm.com >[nss] >debug_level = 9 >[pam] >debug_level = 9 ># Example LDAP domain ># [domain/LDAP] ># id_provider = ldap ># auth_provider = ldap ># ldap_schema can be set to "rfc2307", which stores group member names in the ># "memberuid" attribute, or to "rfc2307bis", which stores group member DNs in ># the "member" attribute. If you do not know this value, ask your LDAP ># administrator. ># ldap_schema = rfc2307 ># ldap_uri = ldap://ldap.mydomain.org ># ldap_search_base = dc=mydomain,dc=org ># Note that enabling enumeration will have a moderate performance impact. ># Consequently, the default value for enumeration is FALSE. ># Refer to the sssd.conf man page for full details. ># enumerate = false ># Allow offline logins by locally storing password hashes (default: false). ># cache_credentials = true > ># An example Active Directory domain. Please note that this configuration ># works for AD 2003R2 and AD 2008, because they use pretty much RFC2307bis ># compliant attribute names. To support UNIX clients with AD 2003 or older, ># you must install Microsoft Services For Unix and map LDAP attributes onto ># msSFU30* attribute names. ># [domain/AD] ># id_provider = ldap ># auth_provider = krb5 ># chpass_provider = krb5 ># ># ldap_uri = ldap://your.ad.example.com ># ldap_search_base = dc=example,dc=com ># ldap_schema = rfc2307bis ># ldap_sasl_mech = GSSAPI ># ldap_user_object_class = user ># ldap_group_object_class = group ># ldap_user_home_directory = unixHomeDirectory ># ldap_user_principal = userPrincipalName ># ldap_account_expire_policy = ad ># ldap_force_upper_case_realm = true ># ># krb5_server = your.ad.example.com ># krb5_realm = EXAMPLE.COM >[domain/testrelm.com] >cache_credentials = True >krb5_store_password_if_offline = True >ipa_domain = testrelm.com >id_provider = ipa >auth_provider = ipa >access_provider = ipa >chpass_provider = ipa >ipa_server = _srv_, ibm-x3650m4-01-vm-02.testrelm.com >ldap_tls_cacert = /etc/ipa/ca.crt >debug_level = 9
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=829727">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1034937
: 829727