此内容没有您所选择的语言版本。
13.2.2. Setting up the sssd.conf File
SSSD services and domains are configured in a
.conf file. By default, this is /etc/sssd/sssd.conf — although that file must be created and configured manually, since SSSD is not configured after installation.
13.2.2.1. Creating the sssd.conf File
There are three parts of the SSSD configuration file:
[sssd], for general SSSD process and operational configuration; this basically lists the configured services, domains, and configuration parameters for each- [service_name], for configuration options for each supported system service, as described in Section 13.2.4, “SSSD and System Services”
- [domain_type/DOMAIN_NAME], for configuration options for each configured identity provider
Important
While services are optional, at least one identity provider domain must be configured before the SSSD service can be started.
Example 13.1. Simple sssd.conf File
[sssd] domains = LOCAL services = nss config_file_version = 2 [nss] filter_groups = root filter_users = root [domain/LOCAL] id_provider = local auth_provider = local access_provider = permit
The
[sssd] section has three important parameters:
domainslists all of the domains, configured in thesssd.conf, which SSSD uses as identity providers. If a domain is not listed in thedomainskey, it is not used by SSSD, even if it has a configuration section.serviceslists all of the system services, configured in thesssd.conf, which use SSSD; when SSSD starts, the corresponding SSSD service is started for each configured system service. If a service is not listed in theserviceskey, it is not used by SSSD, even if it has a configuration section.config_file_versionsets the version of the configuration file to set file format expectations. This is version 2, for all recent SSSD versions.
Note
Even if a service or domain is configured in the
sssd.conf file, SSSD does not interact with that service or domain unless it is listed in the services or domains parameters, respectively, in the [sssd] section.
Other configuration parameters are listed in the
sssd.conf man page.
Each service and domain parameter is described in its respective configuration section in this chapter and in their man pages.
