diff --git a/files/sssd.conf b/files/sssd.conf index 7f555f99ffdad6961ca791cf4c534cdd9baeb356..de0e8b3ad81d7fcc2b88a1052ec52e9c9fbef359 100644 --- a/files/sssd.conf +++ b/files/sssd.conf @@ -29,7 +29,7 @@ ldap_schema = rfc2307 ldap_account_expire_policy = shadow ldap_pwd_policy = shadow ldap_access_order = fitler, expire -ldap_user_ssh_public_key = sshAuthorizedKey +ldap_user_ssh_public_key = sshPublicKey auth_provider = krb5 chpass_provider = krb5 cache_credentials = true diff --git a/site.yml b/site.yml index 044f8db19403bb974695cb8d0a272753a0cfd10d..911881f0ad80583561f5e45cc3e5d33549de0ea4 100644 --- a/site.yml +++ b/site.yml @@ -69,7 +69,7 @@ regexp: tcp_listen_port notify: restart auditd - name: Get supraadmin SSH keys - shell: ldapsearch -H ldapi:// -Y EXTERNAL -QLLL -o ldif-wrap=no -b ou=People,dc=teckids,dc=org memberOf=cn=supraadmin,ou=Groups,dc=teckids,dc=org sshAuthorizedKey | grep sshAuthorizedKey | cut -d" " -f2-4 + shell: ldapsearch -H ldapi:// -Y EXTERNAL -QLLL -o ldif-wrap=no -b ou=People,dc=teckids,dc=org memberOf=cn=supraadmin,ou=Groups,dc=teckids,dc=org sshPublicKey | grep sshPublicKey | cut -d" " -f2-4 register: supraadminkeys - name: Get DNS key for dehydrated fetch: src=/etc/dehydrated/acme.key dest=tmp/ flat=yes