[sssd]
config_file_version = 2
debug_level = 0
reconnection_retries = 3

sbus_timeout = 30
services = nss, pam

domains = default
[nss]

reconnection_retries = 3

[pam]
reconnection_retries = 3

[domain/default]
cache_credentials = True
enumerate = true

id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
access_provider = ldap

ldap_sasl_mech = GSSAPI
ldap_sasl_authid = host/mhcentos3.b.domain.org@B.DOMAIN.ORG
ldap_schema = rfc2307bis

ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_user_name = sAMAccountName

ldap_group_object_class = group

ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_force_upper_case_realm = true
ldap_disable_referrals = true

krb5_realm = B.DOMAIN.ORG