12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 |
- # Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- ---
- # This variable is used to accept the domain name the user intends to configure
- # Eg: ipa.test
- domain_name: "omnia.test"
- # A Kerberos realm is the domain over which a Kerberos authentication server has
- # the authority to authenticate a user, host or service.
- # A realm name is often, but not always the upper case version of the name of the
- # DNS domain over which it presides
- realm_name: "OMNIA.TEST"
- # Maximum number of consecutive failures before lockout
- # The default value of this variable can't be changed
- # Default value: 3
- max_failures: 3
- # Period (in seconds) after which the number of failed login attempts is reset
- # Default value: 60
- # Min: 30
- # Max: 60
- failure_reset_interval: 60
- # Period (in seconds) for which users are locked out
- # Default value: 10
- # Min: 5
- # Max: 10
- lockout_duration: 10
- # User sessions that have been idle for a specific period can be ended automatically
- # This variable sets session timeout to 3 minutes (180 seconds) by default
- # Min: 90
- # Max: 180
- session_timeout: 180
- # Email address used for sending alerts in case of authentication failure
- # If this variable is left blank, authentication failure alerts will be disabled.
- # Currently, only one email ID is accepted in this field
- alert_email_address: ""
- # This variable mentions the users to whom the access will be provided
- # format of user shall be username@ip or username
- # Ex1- root@1.2.3.4 Ex2- root Ex3- root@1.2.3.4 root (if multiple user, provide space seperated values) by default empty
- user: ''
- # This variable provides the type of access
- # Accepted values: "Allow" or "Deny"
- # Default value: "Allow"
- allow_deny: "Allow"
- # This variable is used to disable services.
- # Accepted values: "true" or "false".
- # Default value: false
- # Root access is needed.
- restrict_program_support: false
- # The below mentioned services can be disabled, by adding values in comma separated values format for restrict_softwares variable
- # Services: telnet,lpd,bluetooth,rlogin,rexec
- # Ex: restrict_softwares: 'telnet,rlogin,bluetooth' ( This disables 3 services, to disable more services, add services with comma separation. )
- restrict_softwares: ''
|