Edit file File name : sssd-ipa.conf Content :# Format: # option = type, subtype, mandatory[, default] [provider/ipa] ipa_domain = str, None, false ipa_server = str, None, false ipa_backup_server = str, None, false ipa_hostname = str, None, false ipa_deskprofile_search_base = str, None, false ipa_subid_ranges_search_base = str, None, false ipa_access_order = str, None, false ipa_dyndns_update = bool, None, false ipa_dyndns_ttl = int, None, false ipa_dyndns_iface = str, None, false ipa_hbac_search_base = str, None, false ipa_host_search_base = str, None, false ipa_master_domain_search_base = str, None, false ipa_ranges_search_base = str, None, false ipa_enable_dns_sites = bool, None, false ldap_uri = str, None, false ldap_backup_uri = str, None, false ldap_search_base = str, None, false ldap_schema = str, None, false ldap_pwmodify_mode = str, None, false ldap_default_bind_dn = str, None, false ldap_default_authtok_type = str, None, false ldap_default_authtok = str, None, false ldap_network_timeout = int, None, false ldap_opt_timeout = int, None, false ldap_offline_timeout = int, None, false ldap_tls_cacert = str, None, false ldap_tls_cacertdir = str, None, false ldap_tls_cert = str, None, false ldap_tls_key = str, None, false ldap_tls_cipher_suite = str, None, false ldap_tls_reqcert = str, None, false ldap_sasl_mech = str, None, false ldap_sasl_authid = str, None, false ldap_sasl_minssf = int, None, false ldap_sasl_maxssf = int, None, false krb5_kdcip = str, None, false krb5_server = str, None, false krb5_backup_server = str, None, false krb5_realm = str, None, false krb5_auth_timeout = int, None, false krb5_use_kdcinfo = bool, None, false krb5_kpasswd = str, None, false krb5_backup_kpasswd = str, None, false krb5_canonicalize = bool, None, false ldap_krb5_keytab = str, None, false ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false ldap_rootdse_last_usn = str, None, false ldap_referrals = bool, None, false ldap_krb5_ticket_lifetime = int, None, false ldap_dns_service_name = str, None, false ldap_deref = str, None, false ldap_page_size = int, None, false ldap_deref_threshold = int, None, false ldap_connection_expire_timeout = int, None, false ldap_connection_expire_offset = int, None, false ldap_connection_idle_timeout = int, None, false ldap_disable_paging = bool, None, false krb5_confd_path = str, None, false wildcard_limit = int, None, false [provider/ipa/id] ldap_search_timeout = int, None, false ldap_enumeration_refresh_timeout = int, None, false ldap_purge_cache_timeout = int, None, false ldap_id_use_start_tls = bool, None, false ldap_id_mapping = bool, None, false ldap_user_search_base = str, None, false ldap_user_search_scope = str, None, false ldap_user_search_filter = str, None, false ldap_user_extra_attrs = str, None, false ldap_user_object_class = str, None, false ldap_user_name = str, None, false ldap_user_uid_number = str, None, false ldap_user_gid_number = str, None, false ldap_user_gecos = str, None, false ldap_user_home_directory = str, None, false ldap_user_shell = str, None, false ldap_user_uuid = str, None, false ldap_user_objectsid = str, None, false ldap_user_primary_group = str, None, false ldap_user_principal = str, None, false ldap_user_fullname = str, None, false ldap_user_member_of = str, None, false ldap_user_modify_timestamp = str, None, false ldap_user_entry_usn = str, None, false ldap_user_shadow_last_change = str, None, false ldap_user_shadow_min = str, None, false ldap_user_shadow_max = str, None, false ldap_user_shadow_warning = str, None, false ldap_user_shadow_inactive = str, None, false ldap_user_shadow_expire = str, None, false ldap_user_shadow_flag = str, None, false ldap_user_krb_last_pwd_change = str, None, false ldap_user_krb_password_expiration = str, None, false ldap_pwd_attribute = str, None, false ldap_user_ssh_public_key = str, None, false ldap_user_auth_type = str, None, false ldap_user_certificate = str, None, false ldap_user_email = str, None, false ldap_user_passkey = str, None, false ldap_group_search_base = str, None, false ldap_group_search_scope = str, None, false ldap_group_search_filter = str, None, false ldap_group_object_class = str, None, false ldap_group_name = str, None, false ldap_group_gid_number = str, None, false ldap_group_member = str, None, false ldap_group_uuid = str, None, false ldap_group_objectsid = str, None, false ldap_group_modify_timestamp = str, None, false ldap_group_entry_usn = str, None, false ldap_group_type = str, None, false ldap_group_external_member = str, None, false ldap_force_upper_case_realm = bool, None, false ldap_group_nesting_level = int, None, false ldap_netgroup_search_base = str, None, false ipa_netgroup_object_class = str, None, false ipa_netgroup_name = str, None, false ipa_netgroup_member = str, None, false ipa_netgroup_member_of = str, None, false ipa_netgroup_member_user = str, None, false ipa_netgroup_member_host = str, None, false ipa_netgroup_member_ext_host = str, None, false ipa_netgroup_domain = str, None, false ipa_netgroup_uuid = str, None, false ldap_service_object_class = str, None, false ldap_service_name = str, None, false ldap_service_port = str, None, false ldap_service_proto = str, None, false ldap_service_search_base = str, None, false ldap_service_entry_usn = str, None, false ipa_host_object_class = str, None, false ipa_host_fqdn = str, None, false ipa_host_ssh_public_key = str, None, false ldap_idmap_range_min = int, None, false ldap_idmap_range_max = int, None, false ldap_idmap_range_size = int, None, false ldap_idmap_autorid_compat = bool, None, false ldap_idmap_default_domain = str, None, false ldap_idmap_default_domain_sid = str, None, false ldap_idmap_helper_table_size = int, None, false ldap_use_tokengroups = bool, None, false ldap_rfc2307_fallback_to_local_users = bool, None, false ipa_server_mode = bool, None, false ldap_pwdlockout_dn = str, None, false ipa_views_search_base = str, None, false ipa_view_class = str, None, false ipa_view_name = str, None, false ipa_override_object_class = str, None, false ipa_anchor_uuid = str, None, false ipa_user_override_object_class = str, None, false ipa_group_override_object_class = str, None, false [provider/ipa/auth] krb5_ccachedir = str, None, false krb5_ccname_template = str, None, false krb5_keytab = str, None, false krb5_validate = bool, None, false ldap_pwd_policy = str, None, false krb5_store_password_if_offline = bool, None, false krb5_renewable_lifetime = str, None, false krb5_lifetime = str, None, false krb5_renew_interval = str, None, false krb5_use_fast = str, None, false krb5_fast_principal = str, None, false krb5_fast_use_anonymous_pkinit = bool, None, false krb5_use_enterprise_principal = bool, None, false krb5_use_subdomain_realm = bool, None, false krb5_map_user = str, None, false [provider/ipa/access] ipa_hbac_refresh = int, None, false ipa_selinux_refresh = int, None, false ipa_hbac_support_srchost = bool, None, false ipa_host_object_class = str, None, false ipa_host_name = str, None, false ipa_host_fqdn = str, None, false ipa_host_serverhostname = str, None, false ipa_host_member_of = str, None, false ipa_host_ssh_public_key = str, None, false ipa_host_uuid = str, None, false ipa_hostgroup_objectclass = str, None, false ipa_hostgroup_name = str, None, false ipa_hostgroup_member = str, None, false ipa_hostgroup_memberof = str, None, false ipa_hostgroup_uuid = str, None, false [provider/ipa/autofs] ipa_automount_location = str, None, false ldap_autofs_map_master_name = str, None, false ldap_autofs_map_object_class = str, None, false ldap_autofs_map_name = str, None, false ldap_autofs_entry_object_class = str, None, false ldap_autofs_entry_key = str, None, false ldap_autofs_entry_value = str, None, false ldap_autofs_search_base = str, None, false [provider/ipa/chpass] [provider/ipa/session] ipa_deskprofile_refresh = int, None, false ipa_deskprofile_request_interval = int, None, false ipa_host_object_class = str, None, false ipa_host_name = str, None, false ipa_host_fqdn = str, None, false ipa_host_serverhostname = str, None, false ipa_host_member_of = str, None, false ipa_host_ssh_public_key = str, None, false ipa_host_uuid = str, None, false ipa_selinux_usermap_object_class = str, None, false ipa_selinux_usermap_name = str, None, false ipa_selinux_usermap_member_user = str, None, false ipa_selinux_usermap_member_host = str, None, false ipa_selinux_usermap_see_also = str, None, false ipa_selinux_usermap_selinux_user = str, None, false ipa_selinux_usermap_enabled = str, None, false ipa_selinux_usermap_user_category = str, None, false ipa_selinux_usermap_host_category = str, None, false ipa_selinux_usermap_uuid = str, None, false [provider/ipa/hostid] [provider/ipa/subdomains] ipa_subdomains_search_base = str, None, false [provider/ipa/sudo] ldap_sudo_search_base = str, None, false ldap_sudo_full_refresh_interval = int, None, false ldap_sudo_smart_refresh_interval = int, None, false ldap_sudo_random_offset = int, None, false ldap_sudo_use_host_filter = bool, None, false ldap_sudo_hostnames = str, None, false ldap_sudo_ip = str, None, false ldap_sudo_include_netgroups = bool, None, false ldap_sudo_include_regexp = bool, None, false ldap_sudorule_object_class = str, None, false ldap_sudorule_object_class_attr = str, None, false ldap_sudorule_name = str, None, false ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false ldap_sudorule_notafter = str, None, false ldap_sudorule_order = str, None, false ipa_sudorule_object_class = str, None, false ipa_sudorule_name = str, None, false ipa_sudorule_uuid = str, None, false ipa_sudorule_enabled_flag = str, None, false ipa_sudorule_option = str, None, false ipa_sudorule_runasgroup = str, None, false ipa_sudorule_runasgroup = str, None, false ipa_sudorule_allowcmd = str, None, false ipa_sudorule_denycmd = str, None, false ipa_sudorule_host = str, None, false ipa_sudorule_user = str, None, false ipa_sudorule_notafter = str, None, false ipa_sudorule_notbefore = str, None, false ipa_sudorule_sudoorder = str, None, false ipa_sudorule_cmdcategory = str, None, false ipa_sudorule_hostcategory = str, None, false ipa_sudorule_usercategory = str, None, false ipa_sudorule_runasusercategory = str, None, false ipa_sudorule_runasgroupcategory = str, None, false ipa_sudorule_runasextuser = str, None, false ipa_sudorule_runasextgroup = str, None, false ipa_sudorule_runasextusergroup = str, None, false ipa_sudorule_externaluser = str, None, false ipa_sudorule_entry_usn = str, None, false ipa_sudocmdgroup_object_class = str, None, false ipa_sudocmdgroup_uuid = str, None, false ipa_sudocmdgroup_name = str, None, false ipa_sudocmdgroup_member = str, None, false ipa_sudocmdgroup_entry_usn = str, None, false ipa_sudocmd_object_class = str, None, false ipa_sudocmd_uuid = str, None, false ipa_sudocmd_sudoCmd = str, None, false ipa_sudocmd_memberof = str, None, false Save