Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


sssd_ldap (28) Versions 1.0.2

Sets up SSSD for LDAP on Ubuntu and RHEL systems

cookbook 'sssd_ldap', '= 1.0.2', :supermarket
cookbook 'sssd_ldap', '= 1.0.2'
knife supermarket install sssd_ldap
knife supermarket download sssd_ldap
Quality 100%

sssd_ldap Cookbook

Build Status

This cookbook installs SSSD and configures it for LDAP authentication



  • Redhat
  • Centos
  • Amazon
  • Scientific
  • Oracle
  • Ubuntu (10.04 / 12.04 / 14.04)


Attribute Value Comment
['id_provider'] 'ldap'
['auth_provider'] 'ldap'
['chpass_provider'] 'ldap'
['sudo_provider'] 'ldap'
['enumerate'] 'true'
['cache_credentials'] 'false'
['ldap_schema'] 'rfc2307bis'
['ldap_uri'] 'ldap://'
['ldap_search_base'] 'dc=yourcompany,dc=com'
['ldap_user_search_base'] 'ou=People,dc=yourcompany,dc=com'
['ldap_user_object_class'] 'posixAccount'
['ldap_user_name'] 'uid'
['override_homedir'] nil
['shell_fallback'] '/bin/bash'
['ldap_group_search_base'] 'ou=Groups,dc=yourcompany,dc=com'
['ldap_group_object_class'] 'posixGroup'
['ldap_id_use_start_tls'] 'true'
['ldap_tls_reqcert'] 'never'
['ldap_tls_cacertdir'] '/etc/pki/tls/certs'
['ldap_default_bind_dn'] 'cn=bindaccount,dc=yourcompany,dc=com' if you have a domain that doesn't require binding set this attributes to nil
['ldap_default_authtok'] 'bind_password' if you have a domain that doesn't require binding set this to nil
['authconfig_params'] '--enablesssd --enablesssdauth --enablelocauthorize --update'
['access_provider'] nil Should be set to 'ldap'
['ldap_access_filter'] nil Can use simple LDAP filter such as 'uid=abc123' or more expressive LDAP filters like '(&(objectClass=employee)(department=ITSupport))'
['min_id'] '1' default, used to ignore lower uid/gid's
['max_id'] '0' default, used to ignore higher uid/gid's
['ldap_sudo'] 'false' Adds ldap enabled sudoers (true/false)


*default: Installs and configures sssd daemon

License and Author

Author:: Tim Smith - (

Copyright:: 2013-2014, Limelights Networks, Inc

License:: Apache 2.0

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

CHANGELOG for sssd_ldap

This file is used to list changes made in each version of sssd_ldap.


  • Added support for min_id / max_id
  • Added support for conditional sudoers
  • Added attributes to the Readme
  • Updated Rubocop to 0.27


  • Switch modes to be strings not ints
  • Remove duplicate reference to the config template
  • Add shell_fallback attribute
  • Support Ubuntu 13.04 and later with Upstart
  • Allow authenticating to servers that don't require binding


  • Supports Ubuntu


  • Added some more configurable attributes


  • Initial release of sssd_ldap

Foodcritic Metric

1.0.2 passed this metric