cookbook 'sssd_ad', '~> 1.1.0'
sssd_ad (8) Versions 1.1.0 Follow3
Installs/Configures SSSD for AD integration
cookbook 'sssd_ad', '~> 1.1.0', :supermarket
knife supermarket install sssd_ad
knife supermarket download sssd_ad
sssd_ad
This cookbook installs SSSD on a Ubuntu system and configures it for Active Directory authentication. It loosely follows the directions found here: https://help.ubuntu.com/lts/serverguide/sssd-ad.html.
IMPORTANT: This cookbook assumes the system's FQDN (e.g. 'server.example.contoso.com') is in /etc/hosts. Joining the domain may fail if this is not the case. See the above link for details.
Platforms
Tested on Ubuntu 14.04 and Ubuntu 16.04.
Attributes
-
['sssd_ad']['access_filter']
- optionalad_access_filter
for the joined domain, e.g. "(&(sAMAccountName=jo*)(unixHomeDirectory=*))
" -
['sssd_ad']['nss_filter_users']
- optional comma separated string of users to be excluded from the AD search; seesssd.conf
man page -
['sssd_ad']['cache_credentials']
- boolean to enable SSSD credential caching; defaults to false -
['sssd_ad']['dc']
- the FQDN of the primary domain controller -
['sssd_ad']['use_ntp']
- configure NTP to sync with the primary domain controller; defaults to true -
['sssd_ad']['join_domain']
- join the system to the domain (requires credentials in a chef-vault item); defaults to false -
['sssd_ad']['vault_name']
- name of the data bag containing domain credentials -
['sssd_ad']['vault_item']
- name of the chef-vault item containing domain credentials -
['sssd_ad']['workgroup']
- name of the default domain workgroup -
['sssd_ad']['realm']
- the domain realm URL
Usage
Add the sssd_ad::default
recipe to the node's run list, and set the ['sssd_ad']['workgroup']
, ['sssd_ad']['realm']
, and ['sssd_ad']['dc']
attributes. If the system should be joined to the domain automatically, set the join_domain
attribute to true and create a chef-vault item containing AD credentials that have appropriate permissions.
Dependent cookbooks
chef-vault >= 2.0 |
samba ~> 1.1 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
sssd_ad Cookbook CHANGELOG
This file is used to list changes made in each version of the sssd_ad cookbook.
v1.1.0 (2018-01-23)
- Updated version constraint for chef-vault cookbook
v1.0.0 (2017-12-14)
- Now supports latest Samba cookbook.
- Added checks for configuration and binding to happen in the correct order.
- Breaking Changes:
- The new Samba cookbook is no longer configured using attributes, so to override default
samba_server
settings in the default recipe, useedit_resource
or similar in your wrapper cookbook. - Changed "workgroup" and "realm" attributes from the
[samba]
namespace to the[sssd_ad]
namespace.
- The new Samba cookbook is no longer configured using attributes, so to override default
v0.7.0 (2016-06-22)
- Added Ubuntu 16.04 support.
v0.6.0 (2016-02-22)
- Add attribute to set the nss
filter_users
option.
Collaborator Number Metric
1.1.0 passed this metric
Contributing File Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.1.0 passed this metric
No Binaries Metric
1.1.0 passed this metric
Testing File Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.1.0 passed this metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.1.0 passed this metric
No Binaries Metric
1.1.0 passed this metric
Testing File Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.1.0 passed this metric
1.1.0 passed this metric
Testing File Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
1.1.0 failed this metric
1.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number