Edin Sarajlic
6ccca9ec33
Simplify task name/description
|
2 years ago | |
|---|---|---|
| defaults | 3 years ago | |
| files | 3 years ago | |
| handlers | 3 years ago | |
| tasks | 2 years ago | |
| README | 3 years ago |
README
NOTE: This Ansible role is NOT production-ready.
Created and tested on a Debian Jessie machine.
This is a role for installing and configuring SSSD (see:
https://fedorahosted.org/sssd/) to authenticate against a FreeIPA
server (see: http://www.freeipa.org/).
---
Note to self:
sudo via sssd-ldap is an experimental feature in the version of sssd
(1.8) shipped with Wheezy
SSH task requires that the SSHD server support AuthorizedKeysCommand*
which was introduced in OpenSSH 6.2. Debian Wheezy ships with OpenSSH
6.0.
All of the above probably means that this role will not support Debian
Wheezy clients.
--
More notes to self:
Variables to define:
sssd_sssdconf_path_src: local path to sssd.conf
sssd_certificate_path_src: local path to FreeIPA server's crt (needed to allow LDAPS connections)
Additional tasks provide by this role:
configure_sshd.yml - configures SSH to look up authorized_keys via SSSD
Created and tested on a Debian Jessie machine.
This is a role for installing and configuring SSSD (see:
https://fedorahosted.org/sssd/) to authenticate against a FreeIPA
server (see: http://www.freeipa.org/).
---
Note to self:
sudo via sssd-ldap is an experimental feature in the version of sssd
(1.8) shipped with Wheezy
SSH task requires that the SSHD server support AuthorizedKeysCommand*
which was introduced in OpenSSH 6.2. Debian Wheezy ships with OpenSSH
6.0.
All of the above probably means that this role will not support Debian
Wheezy clients.
--
More notes to self:
Variables to define:
sssd_sssdconf_path_src: local path to sssd.conf
sssd_certificate_path_src: local path to FreeIPA server's crt (needed to allow LDAPS connections)
Additional tasks provide by this role:
configure_sshd.yml - configures SSH to look up authorized_keys via SSSD