Further split roles. Mount user home on the clients (sshfs).
The following roles are available: fvs-sssd Configures LDAP as ID and AUTH provider using sssd. fvs-mount Provides all private user directories on login with pam_mount. Machines provided so far are: The server providing the home directory: fvs-home.yml A standard client: fvs-client.yml
This commit is contained in:
Andreas B. Mundt
parent
77c8c26e38
commit
7238875d0c
10 changed files with 91 additions and 88 deletions
22
roles/fvs-sssd/templates/sssd.conf.j2
Normal file
22
roles/fvs-sssd/templates/sssd.conf.j2
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
[sssd]
|
||||
domains = LDAP
|
||||
config_file_version = 2
|
||||
services = nss, pam
|
||||
|
||||
[nss]
|
||||
filter_groups = root
|
||||
filter_users = root
|
||||
|
||||
[pam]
|
||||
|
||||
[domain/LDAP]
|
||||
id_provider = ldap
|
||||
ldap_uri = ldaps://{{ ldap_server }}/
|
||||
ldap_search_base = {{ basedn }}
|
||||
|
||||
auth_provider = ldap
|
||||
auto_private_groups = true
|
||||
|
||||
cache_credentials = true
|
||||
|
||||
ldap_tls_reqcert = never
|
||||
Loading…
Add table
Add a link
Reference in a new issue