SSSD-SIMPLE(5) SSSD-SIMPLE(5) NAME sssd-simple - SSSD 'simple' sssd(8) sssd.conf(5) "" : o o allowdeny o "allow" o "deny" SSSD sssd.conf(5) "" simple_allow_users () simple_deny_users () simple_allow_groups () SSSD simple_deny_groups () SSSD Specifying no values for any of the lists is equivalent to skipping it entirely. Beware of this while generating parameters for the simple provider using automated scripts. simple_allow_users simple_deny_users SSSD example.com [sssd] 1 [domain/example.com] access_provider = simple simple_allow_users = user1, user2 The complete group membership hierarchy is resolved before the access check, thus even nested groups can be included in the access lists. Please be aware that the "ldap_group_nesting_level" option may impact the results and should be set to a sufficient value. (sssd-ldap(5)) option. sssd(8), sssd.conf(5), sssd-ldap(5), sssd-ldap-attributes(5), sssd- krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd- sudo(5), sssd-session-recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5) AUTHORS The SSSD upstream - https://github.com/SSSD/sssd/ SSSD 04/09/2024 SSSD-SIMPLE(5)