puppet-module-sssd
Table of Contents
Overview
This module manages SSSD.
Usage
sssd
include sssd
Hiera of a working SSSD deployment
sssd::configs:
sssd:
debug_level: 0x02F0
domains: LDAP
services:
- pam
- nss
nss:
debug_level: 0x02F0
filter_groups:
- root
- wheel
filter_users:
- root
pam:
debug_level: 0x02F0
domain/LDAP:
cache_credentials: true
debug_level: 0x02F0
enumerate: false
id_provider: ldap
auth_provider: ldap
chpass_provider: ldap
access_provider: ldap
ldap_uri:
- ldaps://ldap1.example.com:636
- ldaps://ldap2.example.com:636
ldap_search_base: 'dc=example,dc=com'
ldap_schema: rfc2307
ldap_tls_reqcert: demand
ldap_access_filter: '(&(objectClass=shadowAccount)(objectClass=posixAccount))'
ldap_access_order:
- filter
- expire
ldap_pwd_policy: shadow
ldap_account_expire_policy: shadow
ldap_group_member: memberuid
Reference
treydock.github.io/puppet-module-sssd/
Development
Testing
Testing requires the following dependencies:
-
rake
-
bundler
Install gem dependencies
bundle install
Run unit tests
bundle exec rake spec
If you have Vagrant >= 1.2.0 installed you can run system tests
BEAKER_set=centos-7 bundle exec rake beaker