[sssd]
domains = gk.rosatom.local
config_file_version = 2
services = nss, pam, ifp
default_domain_suffix = gk.rosatom.local

[domain/]
ad_domain = gk.rosatom.local
krb5_realm = GK.ROSATOM.LOCAL
realmd_tags = manages-system joined-with-adcli 
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%d/%u
access_provider = ad
ad_gpo_access_control = disabled
ignore_group_members = True
krb5_auth_timeout = 20
case_sensitive = false
dyndns_update = true
dyndns_refresh_interval = 43200
dyndns_update_ptr = true
dyndns_ttl = 3600

[pam]
pam_id_timeout = 20