Here is also my basic system configuration:
PI.cfg------
PI_HSM: default
PI_LOGFILE: /var/log/privacyidea/privacyidea.log
PI_AUDIT_KEY_PUBLIC: /etc/privacyidea/public.pem
PI_PEPPER: ZmJrpL6Kx9_fMPhqq9uOLfAi
PI_ENCFILE: /etc/privacyidea/enckey
For security reason we do not display the SQL URI, as it may contain the
database credentials.
PI_AUDIT_MODULE: privacyidea.lib.auditmodules.sqlaudit
PI_LOGLEVEL: 20
PI_AUDIT_KEY_PRIVATE: /etc/privacyidea/private.pem
SUPERUSER_REALM: [‘super’, ‘credentials’]
… note:: The SUPERUSER_REALM is a list of defined realms where the users
will have administrative rights when logging in to the web UI.
Local Admins
In addition to the SUPERUSER_REALM there are local administrators stored in
the database. The following administrators are defined:
System Base Configuration
UiLoginDisplayRealmBox: 0
AutoResync: 0
splitAtSign: 0
UiLoginDisplayHelpButton: 0
timestamp: 1486648120
ReturnSamlAttributesOnFail: 0
ReturnSamlAttributes: 1
PrependPin: 1
IncFailCountOnFalsePin: 0
Resolver Configuration
The following resolvers are defined. Resolvers are connections to user
stores.
To learn more about resolvers read [#resolvers]_.
admins
* Name of the resolver: admins
* Type of the resolver: passwdresolver
Configuration
.............
fileName: **/home/privacyidea/passwd**
Realm Configuration
-------------------
Several resolvers are grouped into realms.
To learn more about realms read [#realms]_.
The following realms have been defined from the resolvers:
administrators
~~~~~~~~~~~~~~~
* Name of the realm: administrators
**This is the default realm!**
Users in the default realm can authenticate without specifying the realm.
Users not in the default realm always need to specify the realm.
The following resolvers are configured in this realm:
* Name: admins
Priority: None
Type: passwdresolver
Policy Configuration
--------------------
Policies define the behaviour of privacyIDEA.
To learn more about policies read [#policies]_.
The following policies are defined in your system:
almighty_admin
~~~~~~~~~~~~~~~~~
time: ****
user: **[u'admin']**
resolver: **[]**
active: **False**
adminrealm: **[u'super']**
condition: **0**
realm: **[]**
client: **[]**
check_all_resolvers: **False**
action: **{u'set': True, u'revoke': True, u'adduser': True, u'enrollSMS':
True, u'policydelete': True, u'policywrite': True, u'enrollTIQR': True,
u'configdelete': True, u'machinelist': True, u'enrollREMOTE': True,
u'setpin': True, u'resync': True, u'unassign': True, u'tokenrealms': True,
u'enrollSPASS': True, u'auditlog': True, u'enrollPAPER': True,
u'deleteuser': True, u'enrollEMAIL': True, u'resolverdelete': True,
u'enrollMOTP': True, u'enrollPW': True, u'enrollHOTP': True,
u'enrollQUESTION': True, u'enrollCERTIFICATE': True, u'copytokenuser':
True, u'configwrite': True, u'enrollTOTP': True, u'enrollREGISTRATION':
True, u'enrollYUBICO': True, u'reset': True, u'enable': True, u'enrollU2F':
True, u'manage_machine_tokens': True, u'getrandom': True,
u'system_documentation': True, u'caconnectordelete': True,
u'caconnectorwrite': True, u'disable': True, u'radiusserver_write': True,
u'getserial': True, u'enrollRADIUS': True, u'copytokenpin': True,
u'set_hsm_password': True, u'updateuser': True, u'getchallenges': True,
u'enroll4EYES': True, u'smtpserver_write': True,
u'fetch_authentication_items': True, u'losttoken': True, u'enrollYUBIKEY':
True, u'enrollDAPLUG': True, u'mresolverwrite': True, u'assign': True,
u'userlist': True, u'enrollSSHKEY': True, u'importtokens': True, u'delete':
True, u'resolverwrite': True, u'mresolverdelete': True}**
scope: **admin**
login
~~~~~~~~~~~~~~~~~
time: ****
user: **[u'webuser']**
resolver: **[]**
active: **False**
adminrealm: **[u'super']**
condition: **0**
realm: **[]**
client: **[]**
check_all_resolvers: **False**
action: **{u'fetch_authentication_items': True, u'getserial': True}**
scope: **admin**
Machine Configuration
---------------------
**TODO**
Token Configuration
-------------------
**TODO**
CA Configuration
----------------
**TODO**
.. [#resolvers]
http://privacyidea.readthedocs.org/en/latest/configuration/useridresolvers.htm
.. [#realms]
http://privacyidea.readthedocs.org/en/latest/configuration/realms.html
.. [#policies]
http://privacyidea.readthedocs.org/en/latest/policies/index.html