44 lines
918 B
Django/Jinja
44 lines
918 B
Django/Jinja
{#- vim: set ft=jinja : -#}
|
|
#
|
|
# pam_winbind configuration file
|
|
#
|
|
# /etc/security/pam_winbind.conf
|
|
#
|
|
|
|
[global]
|
|
|
|
# turn on debugging
|
|
;debug = no
|
|
|
|
# turn on extended PAM state debugging
|
|
;debug_state = no
|
|
|
|
# request a cached login if possible
|
|
# (needs "winbind offline logon = yes" in smb.conf)
|
|
cached_login = yes
|
|
|
|
# authenticate using kerberos
|
|
krb5_auth = {{ 'yes' if winbind_krb5_auth else 'no' }}
|
|
|
|
# when using kerberos, request a "FILE" krb5 credential cache type
|
|
# (leave empty to just do krb5 authentication but not have a ticket
|
|
# afterwards)
|
|
{% if winbind_krb5_auth %}
|
|
krb5_ccache_type = FILE
|
|
{% else %}
|
|
;krb5_ccache_type = FILE
|
|
{% endif %}
|
|
|
|
# make successful authentication dependend on membership of one SID
|
|
# (can also take a name)
|
|
;require_membership_of =
|
|
|
|
# password expiry warning period in days
|
|
;warn_pwd_expire = 14
|
|
|
|
# omit pam conversations
|
|
silent = yes
|
|
|
|
# create homedirectory on the fly
|
|
;mkhomedir = no
|