Configuration reference

This document lists the settings available in Ipsilon.

You might have more or less settings available based on the plugins installed.

Lists are comma-separated.

Login providers (section [login_config])

General (prefix global])

enabled: List of modules to be enabled.

Fedora Account System (prefix fas)

FAS url: Top URL of your FAS installation. FAS Proxy client user Agent: User agent provided to the FAS server. FAS Insecure Auth: Boolean whether to disable certificate checking. username text: Text to display next to username field. password text: Text to display next to the password field. help text: Text to display in the help text label.

Form authentication (prefix form)

username text: Text to display next to username field. password text: Text to display next to the password field. help text: Text to display in the help text label.

GSSAPI authentication (prefix gssapi)

LDAP authentication (prefix ldap)

server url: LDAP server url, starting with ldap:// or ldaps://. bind dn template: Template to turn username into bind DN, with %(username)s for template. base dn: DN to use as a search base. get user info: Boolean whether to get user info via LDAP. tls: String whether TLS connection is used. Possible values: Demand, Allow, Try, Never, NoTLS. username text: Text to display next to username field. password text: Text to display next to the password field. help text: Text to display in the help text label.

PAM authentication (prefix pam)

server name: PAM service name to use. username text: Text to display next to username field. password text: Text to display next to the password field. help text: Text to display in the help text label.

Test authentication (prefix testauth)

username text: Text to display next to username field. password text: Text to display next to the password field. help text: Text to display in the help text label. groups: List of groups to add to users.

Authorization plugins (section [authz_config])

General (prefix global])

enabled: List of modules to be enabled.

Allow (prefix allow)

Deny (prefix deny)

Service provider group (prefix spgroup)

prefix: Group name prefix. suffix: Group name suffix.

Info providers (section [info_config])

General (prefix global])

enabled: List of modules to be enabled.

Fedora Account System (prefix fas)

FAS url: Top URL of your FAS installation. FAS Proxy client user Agent: User agent provided to the FAS server. FAS Insecure Auth: Boolean whether to disable certificate checking. Bind Username: Username to use when retrieving info. Bind Password: Password to use when retrieving info.

LDAP info (prefix ldap)

server url: LDAP server url, starting with ldap:// or ldaps://. bind dn template: Template to turn username into bind DN, with %(username)s for template. tls: String whether TLS connection is used. Possible values: Demand, Allow, Try, Never, NoTLS. bind dn: DN to use when retrieving info. bind password: Password to use when retrieving info. base dn: Search base DN.

NSS Info (prefix nss)

SSSD Info (prefix sssd)

preconfigured: Needs to be set to true.

Provider plugins (section [provider_config])

General (prefix global])

enabled: List of modules to be enabled.