[domain/ipa.domain.com]

debug_level = 10 
krb5_store_password_if_offline = True
ipa_domain = ipa.domain.com
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = ipaserver2.ipa.domain.com
chpass_provider = ipa
ipa_server = ipaserver2.ipa.domain.com
ipa_server_mode = True
ldap_tls_cacert = /etc/ipa/ca.crt
#entry_cache_timeout = 30
#ldap_enumeration_refresh_timeout = 30
#ignore_group_members = True
#ldap_purge_cache_timeout = 0
#ldap_use_tokengroups = False
#ldap_group_nesting_level = 0
#subdomain_inherit = ignore_group_members,ldap_purge_cache_timeout,ldap_use_tokengroups,ldap_group_nesting_level

[sssd]
debug_level = 10 
services = nss, sudo, pam, ssh
domains = ipa.domain.com
#domain_resolution_order = ad.domain.com,ipa.domain.com
full_name_format = %1$s


[nss]
debug_level = 10 
override_homedir = /home/%l/%u
#entry_negative_timeout = 1
#filter_groups = *@ad.domain.com


[pam]
pam_id_timeout = 3600

[sudo]

[autofs]

[ssh]

[pac]

[ifp]

[secrets]

[session_recording]