[sssd]
domains = LDAP
config_file_version = 2

[nss]
filter_groups = root
filter_users = root

[pam]

[domain/LDAP]
id_provider = ldap
ldap_uri = ldaps://{{ ldap_server }}/
ldap_search_base = {{ basedn }}

auth_provider = ldap
auto_private_groups = true

cache_credentials = true

ldap_tls_reqcert = never