Adding a bunch of ldap and krb5 settings to domain.conf #155

Open
wants to merge 10 commits into
base: master
Changes from 5 commits
220 changes: 220 additions & 0 deletions REFERENCE.md
Expand Up @@ -1376,6 +1376,26 @@ The following parameters are available in the `sssd::domain` defined type:
* [`proxy_pam_target`](#-sssd--domain--proxy_pam_target)
* [`proxy_lib_name`](#-sssd--domain--proxy_lib_name)
* [`ldap_user_search_filter`](#-sssd--domain--ldap_user_search_filter)
* [`ldap_referrals`](#-sssd--domain--ldap_referrals)
* [`timeout`](#-sssd--domain--timeout)
* [`ldap_network_timeout`](#-sssd--domain--ldap_network_timeout)
* [`ldap_opt_timeout`](#-sssd--domain--ldap_opt_timeout)
* [`ldap_uri`](#-sssd--domain--ldap_uri)
* [`ldap_page_size`](#-sssd--domain--ldap_page_size)
* [`ldap_id_use_start_tls`](#-sssd--domain--ldap_id_use_start_tls)
* [`ldap_default_bind_dn`](#-sssd--domain--ldap_default_bind_dn)
* [`ldap_default_authtok_type`](#-sssd--domain--ldap_default_authtok_type)
* [`ldap_default_authtok`](#-sssd--domain--ldap_default_authtok)
* [`ldap_tls_reqcert`](#-sssd--domain--ldap_tls_reqcert)
* [`ldap_schema`](#-sssd--domain--ldap_schema)
* [`ldap_user_search_base`](#-sssd--domain--ldap_user_search_base)
* [`ldap_user_object_class`](#-sssd--domain--ldap_user_object_class)
* [`ldap_access_order`](#-sssd--domain--ldap_access_order)
* [`ldap_account_expire_policy`](#-sssd--domain--ldap_account_expire_policy)
* [`ldap_force_upper_case_realm`](#-sssd--domain--ldap_force_upper_case_realm)
* [`krb5_realm`](#-sssd--domain--krb5_realm)
* [`krb5_canonicalize`](#-sssd--domain--krb5_canonicalize)
* [`override_homedir`](#-sssd--domain--override_homedir)

##### <a name="-sssd--domain--name"></a>`name`
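
Review bot: The parameter index added in this hunk omits four of the parameters this PR introduces. `ldap_user_home_directory`, `ldap_user_principal`, `ldap_group_search_base` and `ldap_group_object_class` have their own sections further down in REFERENCE.md and are declared in manifests/domain.pp, but the list jumps from `ldap_user_object_class` straight to `ldap_access_order`. Add the four entries, or, if this file is generated, regenerate it so the index and the sections cannot drift apart.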

Expand Down Expand Up @@ -1730,6 +1750,206 @@ Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_referrals"></a>`ldap_referrals

Data type: `Optional[Boolean]`



Default value: `undef`

##### <a name="-sssd--domain--timeout"></a>`timeout`

Data type: `Optional[Integer[0]]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_network_timeout"></a>`ldap_network_timeout`

Data type: `Optional[Integer[0]]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_opt_timeout"></a>`ldap_opt_timeout`

Data type: `Optional[Integer[0]]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_uri"></a>`ldap_uri`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_page_size"></a>`ldap_page_size`

Data type: `Optional[Integer[0]]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_id_use_start_tls"></a>`ldap_id_use_start_tls`

Data type: `Optional[Boolean]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_default_bind_dnr"></a>`ldap_default_bind_dn`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_default_authtok_type"></a>`ldap_default_authtok_type`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_default_authtok"></a>`ldap_default_authtok`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_tls_reqcert"></a>`ldap_tls_reqcert`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_schema"></a>`ldap_schema`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_user_search_base"></a>`ldap_user_search_base`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_user_object_class"></a>`ldap_user_object_class`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_user_home_directory"></a>`ldap_user_home_directory`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_user_principal"></a>`ldap_user_principal`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_group_search_base"></a>`ldap_group_search_base`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_group_object_class"></a>`ldap_group_object_class`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_access_order"></a>`ldap_access_order`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_account_expire_policy"></a>`ldap_account_expire_policy`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_account_expire_policy"></a>`ldap_account_expire_policy`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--ldap_force_upper_case_realm"></a>`ldap_force_upper_case_realm`

Data type: `Optional[Boolean]`



Default value: `undef`

##### <a name="-sssd--domain--krb5_realm"></a>`krb5_realm`

Data type: `Optional[String]`



Default value: `undef`

##### <a name="-sssd--domain--krb5_canonicalize"></a>`krb5_canonicalize`

Data type: `Optional[Boolean]`



Default value: `undef`

##### <a name="-sssd--domain--override_homedir"></a>`override_homedir`

Data type: `Optional[String]`



Default value: `undef`

### <a name="sssd--provider--ad"></a>`sssd::provider::ad`
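
Review bot: Three of the new section headings are malformed. The `ldap_referrals` heading is missing its closing backtick. The anchor for `ldap_default_bind_dn` is spelled `-sssd--domain--ldap_default_bind_dnr`, so the index link `#-sssd--domain--ldap_default_bind_dn` will not resolve. The `ldap_account_expire_policy` section appears twice in a row with the same anchor. Fix the backtick and the anchor name, and drop the duplicate section.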
50 changes: 49 additions & 1 deletion manifests/domain.pp
Expand Up @@ -65,6 +65,30 @@
# @param proxy_pam_target
# @param proxy_lib_name
# @param ldap_user_search_filter
# @param ldap_referrals
# @param timeout
# @param ldap_network_timeout
# @param ldap_opt_timeout
# @param ldap_uri
# @param ldap_page_size
# @param ldap_id_use_start_tls
# @param ldap_default_bind_dn
# @param ldap_default_authtok_type
# @param ldap_default_authtok
# @param ldap_tls_reqcert
# @param ldap_schema
# @param ldap_user_search_base
# @param ldap_user_object_class
# @param ldap_user_home_directory
# @param ldap_user_principal
# @param ldap_group_search_base
# @param ldap_group_object_class
# @param ldap_access_order
# @param ldap_account_expire_policy
# @param ldap_force_upper_case_realm
# @param krb5_realm
# @param krb5_canonicalize
# @param override_homedir
#
# @author https://github.com/simp/pupmod-simp-sssd/graphs/contributors
#
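
Review bot: All 24 new `@param` tags are bare names with no description, and the matching REFERENCE.md sections in this PR are empty as well. The security-relevant ones need at least a sentence each: that `ldap_default_authtok` holds the bind credential and how `ldap_default_authtok_type` changes its interpretation, which values `ldap_tls_reqcert` accepts, and what `ldap_id_use_start_tls` does to the connection. `timeout` also needs a description, since the name alone does not say which timeout it sets.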
Expand Down Expand Up @@ -112,7 +136,31 @@
Optional[String] $realmd_tags = undef,
Optional[String] $proxy_pam_target = undef,
Optional[String] $proxy_lib_name = undef,
Optional[String] $ldap_user_search_filter = undef
Optional[String] $ldap_user_search_filter = undef,
Optional[Boolean] $ldap_referrals = undef,
Optional[Integer[0]] $timeout = undef,
Optional[Integer[0]] $ldap_network_timeout = undef,
Optional[Integer[0]] $ldap_opt_timeout = undef,
Optional[String] $ldap_uri = undef,
Optional[Integer[0]] $ldap_page_size = undef,
Optional[Boolean] $ldap_id_use_start_tls = undef,
Optional[String] $ldap_default_bind_dn = undef,
Optional[String] $ldap_default_authtok_type = undef,
Optional[String] $ldap_default_authtok = undef,
Optional[String] $ldap_tls_reqcert = undef,
Optional[String] $ldap_schema = undef,
Optional[String] $ldap_user_search_base = undef,
Optional[String] $ldap_user_object_class = undef,
Optional[String] $ldap_user_home_directory = undef,
Optional[String] $ldap_user_principal = undef,
Optional[String] $ldap_group_search_base = undef,
Optional[String] $ldap_group_object_class = undef,
Optional[String] $ldap_access_order = undef,
Optional[String] $ldap_account_expire_policy = undef,
Optional[Boolean] $ldap_force_upper_case_realm = undef,
Optional[String] $krb5_realm = undef,
Optional[Boolean] $krb5_canonicalize = undef,
Optional[String] $override_homedir = undef,
) {

sssd::config::entry { "puppet_domain_${name}":
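
Review bot: `$ldap_default_authtok` is declared as `Optional[String]`, so the LDAP bind password is handled as an ordinary string. Consider accepting `Optional[Variant[String, Sensitive[String]]]` and unwrapping it only where the config is rendered, so the value is redacted in logs and reports. Separately, `$ldap_tls_reqcert` as a free-form `String` lets a typo through to the rendered config; an `Enum['never','allow','try','demand','hard']` would reject it at compile time, and the same tightening applies to `$ldap_default_authtok_type`.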
72 changes: 72 additions & 0 deletions templates/domain.erb
Expand Up @@ -107,3 +107,75 @@ proxy_pam_target = <%= @proxy_pam_target %>
<% if @proxy_lib_name %>
proxy_lib_name = <%= @proxy_lib_name %>
<% end -%>
<% if @ldap_referrals -%>
ldap_referrals = <%= @ldap_referrals.to_s %>
<% end -%>
<% if @timeout -%>
timeout = <%= @timeout.to_s %>
<% end -%>
<% if @ldap_network_timeout -%>
ldap_network_timeout = <%= @ldap_network_timeout.to_s %>
<% end -%>
<% if @ldap_opt_timeout -%>
ldap_opt_timeout = <%= @ldap_opt_timeout.to_s %>
<% end -%>
<% if @ldap_uri -%>
ldap_uri = <%= @ldap_uri %>
<% end -%>
<% if @ldap_page_size -%>
ldap_page_size = <%= @ldap_page_size.to_s %>
<% end -%>
<% if @ldap_id_use_start_tls -%>
ldap_id_use_start_tls = <%= @ldap_id_use_start_tls.to_s %>
<% end -%>
<% if @ldap_default_bind_dn -%>
ldap_default_bind_dn = <%= @ldap_default_bind_dn %>
<% end -%>
<% if @ldap_default_authtok_type -%>
ldap_default_authtok_type = <%= @ldap_default_authtok_type %>
<% end -%>
<% if @ldap_default_authtok -%>
ldap_default_authtok = <%= @ldap_default_authtok %>
<% end -%>
<% if @ldap_tls_reqcert -%>
ldap_tls_reqcert = <%= @ldap_tls_reqcert %>
<% end -%>
<% if @ldap_schema -%>
ldap_schema = <%= @ldap_schema %>
<% end -%>
<% if @ldap_user_search_base -%>
ldap_user_search_base = <%= @ldap_user_search_base %>
<% end -%>
<% if @ldap_user_object_class -%>
ldap_user_object_class = <%= @ldap_user_object_class %>
<% end -%>
<% if @ldap_user_home_directory -%>
ldap_user_home_directory = <%= @ldap_user_home_directory %>
<% end -%>
<% if @ldap_user_principal -%>
ldap_user_principal = <%= @ldap_user_principal %>
<% end -%>
<% if @ldap_group_search_base -%>
ldap_group_search_base = <%= @ldap_group_search_base %>
<% end -%>
<% if @ldap_group_object_class -%>
ldap_group_object_class = <%= @ldap_group_object_class %>
<% end -%>
<% if @ldap_access_order -%>
ldap_access_order = <%= @ldap_access_order %>
<% end -%>
<% if @ldap_account_expire_policy -%>
ldap_account_expire_policy = <%= @ldap_account_expire_policy %>
<% end -%>
<% if @ldap_force_upper_case_realm -%>
ldap_force_upper_case_realm = <%= @ldap_force_upper_case_realm.to_s %>
<% end -%>
<% if @krb5_realm -%>
krb5_realm = <%= @krb5_realm %>
<% end -%>
<% if @krb5_canonicalize -%>
krb5_canonicalize = <%= @krb5_canonicalize.to_s %>
<% end -%>
<% if @override_homedir -%>
override_homedir = <%= @override_homedir %>
<% end -%>
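
Review bot: The four Boolean settings (`ldap_referrals`, `ldap_id_use_start_tls`, `ldap_force_upper_case_realm`, `krb5_canonicalize`) are guarded with a truthiness test such as `<% if @ldap_referrals -%>`, so an explicit `false` is treated the same as `undef` and no line is written. A user who passes `false` silently gets SSSD's built-in default instead, which for `ldap_id_use_start_tls` and `ldap_referrals` is a security-relevant difference. Test for unset rather than falsy, for example `<% unless @ldap_referrals.nil? -%>`, on all four blocks. The `ldap_default_authtok` block also writes the bind password verbatim into the rendered file, so the description should say that the file must not be world-readable.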