Updated with ipaclient setup and bootstrap

2019-02-23 20:34:35 -05:00
parent 65ed5e0ce8
commit 832502de34
14 changed files with 255 additions and 5 deletions
--- a/roles/debian-freeipa-client/templates/sssd.conf.j2
+++ b/roles/debian-freeipa-client/templates/sssd.conf.j2
@@ -0,0 +1,23 @@
+# {{ ansible_managed }}
+[sssd]
+config_file_version = 2
+services = nss, pam, sudo, ssh
+domains = {{ ipa_realm }}
+
+[nss]
+
+[pam]
+
+[ssh]
+
+[sudo]
+
+[domain/{{ ipa_realm }}]
+cache_credentials = true
+krb5_store_password_if_offline = true
+id_provider = ipa
+auth_provider = ipa
+access_provider = ipa
+chpass_provider = ipa
+ldap_tls_cacert = /etc/ipa/ca.crt
+ipa_hostname = {{ ansible_fqdn }}