fix: ldap auth

2025-08-05 18:31:16 +02:00
parent 7225a5e787
commit 79b4a615f0


@@ -41,6 +41,9 @@ in
ldap_schema = rfc2307 ldap_schema = rfc2307
ldap_group_member = memberUid ldap_group_member = memberUid
use_fully_qualified_names = False
fallback_homedir = /home/%u
''; '';
environmentFile = config.sops.secrets.sssd-environment.path; environmentFile = config.sops.secrets.sssd-environment.path;
}; };
@@ -60,7 +63,7 @@ in
services.openssh = { services.openssh = {
settings = { settings = {
AuthorizedKeysCommand = "/etc/ssh/ldap-authorized-keys"; AuthorizedKeysCommand = "/etc/ssh/ldap-authorized-keys %u";
AuthorizedKeysCommandUser = "nslcd"; # default is “nobody” :contentReference[oaicite:0]{index=0} AuthorizedKeysCommandUser = "nslcd"; # default is “nobody” :contentReference[oaicite:0]{index=0}
PubkeyAuthentication = "yes"; PubkeyAuthentication = "yes";
}; };
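Review bot: The `%u` added to `AuthorizedKeysCommand` in the second hunk is the login name the client supplies before any authentication, and `/etc/ssh/ldap-authorized-keys` is not part of this diff. It is worth confirming that the script escapes that argument for LDAP filter syntax (RFC 4515) and rejects names outside the expected account-name character set before querying the directory. Per sshd_config(5), a command given without arguments already receives the target username, so this line makes the argument explicit rather than changing what the script gets; a comment such as `# %u = client-supplied login name, untrusted; the script must escape it for LDAP` would record that. The unchanged `AuthorizedKeysCommandUser` line just below still carries a `:contentReference[oaicite:0]{index=0}` residue in its comment, which should be dropped. The `services.openssh` block continues past the end of the hunk.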