Commit 51de1251 authored by Thomas Schneider's avatar Thomas Schneider

ad-auth: Fix sssd config ldap_search_base

parent 957694fd
......@@ -11,7 +11,7 @@ offline_failed_login_delay = 0
[domain/{{ domain }}]
ad_domain = {{ domain }}
krb5_realm = {{ domain.upper() }}
realmd_tags = manages-system joined-with-adcli
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
......@@ -27,5 +27,5 @@ krb5_renewable_lifetime = 200h
krb5_renew_interval = 30m
ad_gpo_access_control = disabled
{% if sssd_show_only_enabled_users|default(False) %}
ldap_search_base = dc=fsmpi,dc=rwth-aachen,dc=de?subtree?(&(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
ldap_search_base = {{ authbase }}?subtree?(&(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
{% endif %}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment