3,082
edits
Changes
From SME Server
Jump to navigationJump to searchClient Authentication:Debian via sssd/ldap/fr (view source)
Revision as of 21:58, 29 January 2018
, 21:58, 29 January 2018→Configurer sssd
ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt
ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt
ldap_id_use_start_tls = true
ldap_id_use_start_tls = true
# uncomment below if the SME is a âiPasserelleâ
# uncomment below if the SME is a iPasserelle
#ldap_user_shell = desktopLoginShell
#ldap_user_shell = desktopLoginShell
# comment below if the SME is a âiPasserelleâ
# comment below if the SME is a iPasserelle
override_shell = /bin/bash
override_shell = /bin/bash
cache_credentials = true
cache_credentials = true
# In this exemple, only the users member of the group netusers
# In this exemple, only the users member of the group netusers
# will be valid on this host.
# will be valid on this host.
# posixMemberOF is a parameter only for a iPasserelle
# posixMemberOF is a parameter only for an iPasserelle
#access_provider = ldap
#access_provider = ldap
#ldap_access_filter = (|(posixMemberOf=admins)(uid=backup))
#ldap_access_filter = (|(posixMemberOf=admins)(uid=backup))
chmod 600 /etc/sssd/sssd.conf
chmod 600 /etc/sssd/sssd.conf
N.B. : iPasserelle est une solution Firewall Services calquée sur le serveur SME KOOZALI.
{{Tip box|Make sure that the file /etc/ssl/certs/ca-certificates.crt contains the CA that has sign the certificate of the SME (if PHPki is used, a version > 0,82-13 is required).}}
{{Tip box|Make sure that the file /etc/ssl/certs/ca-certificates.crt contains the CA that has sign the certificate of the SME (if PHPki is used, a version > 0,82-13 is required).}}
update-rc.d sssd enable
update-rc.d sssd enable
/etc/init.d/sssd start
/etc/init.d/sssd start
[[Category:Howto]]
