3,054
edits
Changes
Jump to navigation
Jump to search
Line 75:
Line 75: − + − + Line 85:
Line 85: − + Line 92:
Line 92: − + Line 175:
Line 175: − + − [[Category:Howto]]+
Client Authentication:Debian via sssd/ldap/fr (view source)
Revision as of 22:58, 29 January 2018
, 22:58, 29 January 2018→Configurer sssd
ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt
ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt
ldap_id_use_start_tls = true
ldap_id_use_start_tls = true
# uncomment below if the SME is a âiPasserelleâ
# uncomment below if the SME is a iPasserelle
#ldap_user_shell = desktopLoginShell
#ldap_user_shell = desktopLoginShell
# comment below if the SME is a âiPasserelleâ
# comment below if the SME is a iPasserelle
override_shell = /bin/bash
override_shell = /bin/bash
cache_credentials = true
cache_credentials = true
# In this exemple, only the users member of the group netusers
# In this exemple, only the users member of the group netusers
# will be valid on this host.
# will be valid on this host.
# posixMemberOF is a parameter only for a iPasserelle
# posixMemberOF is a parameter only for an iPasserelle
#access_provider = ldap
#access_provider = ldap
#ldap_access_filter = (|(posixMemberOf=admins)(uid=backup))
#ldap_access_filter = (|(posixMemberOf=admins)(uid=backup))
chmod 600 /etc/sssd/sssd.conf
chmod 600 /etc/sssd/sssd.conf
N.B. : iPasserelle est une solution Firewall Services calquée sur le serveur SME KOOZALI.
{{Tip box|Make sure that the file /etc/ssl/certs/ca-certificates.crt contains the CA that has sign the certificate of the SME (if PHPki is used, a version > 0,82-13 is required).}}
{{Tip box|Make sure that the file /etc/ssl/certs/ca-certificates.crt contains the CA that has sign the certificate of the SME (if PHPki is used, a version > 0,82-13 is required).}}
update-rc.d sssd enable
update-rc.d sssd enable
/etc/init.d/sssd start
/etc/init.d/sssd start
[[Category:Howto]]