[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam
domains = default

[nss]
filter_groups = root,apache,mysql,postgres,store,palantir,palconf,mailman,priss,ureg2000,oracleap,bin,tty,kmem,authread,news,rsrv9,staff,ris,users,alphaopr,operator,guest,uiosrc,cyrus,oraowner,src,named,sunsrc,iq,ifilinux,num,blabuser,delta,fire,dnadb,dnr-pro,blabusrs,vlsisrc,oo,delta3d,amiga,mediadb,compress,stud-sds,smbd,prissrc
filter_users = root,apache,mysql,postgres,store,palantir,mailman,ghost,priss,hpsim,ureg2000,oracleap,lpq
reconnection_retries = 3

[pam]
reconnection_retries = 3
offline_credentials_expiration = 180

[domain/default]
id_provider = ldap
auth_provider = ldap
chpass_provider = none
cache_credentials = true

ldap_uri = ldap://ldap.uio.no
ldap_schema = rfc2307
ldap_search_base = cn=system,dc=uio,dc=no
ldap_id_use_start_tls = true
ldap_tls_cacertdir = /etc/openldap/cacerts

ldap_default_bind_dn = cn=pam-common,cn=services,dc=uio,dc=no
ldap_default_authtok_type = password
ldap_default_authtok = not-so-secret