PI.cfg
------
PI_HSM: **default**
PI_LOGFILE: **/var/log/privacyidea/privacyidea.log**
PI_AUDIT_KEY_PUBLIC: **/etc/privacyidea/public.pem**
PI_PEPPER: **ZmJrpL6Kx9_fMPhqq9uOLfAi**
PI_ENCFILE: **/etc/privacyidea/enckey**
For security reason we do not display the SQL URI, as it may contain the
database credentials.
PI_AUDIT_MODULE: **privacyidea.lib.auditmodules.sqlaudit**
PI_LOGLEVEL: **20**
PI_AUDIT_KEY_PRIVATE: **/etc/privacyidea/private.pem**
SUPERUSER_REALM: **['super', 'credentials']**
.. note:: The SUPERUSER_REALM is a list of defined realms where the users
will have administrative rights when logging in to the web UI.
Local Admins
------------
In addition to the SUPERUSER_REALM there are local administrators stored in
the database. The following administrators are defined:
* **admin** <None>
* **webuser** <None>
System Base Configuration
-------------------------
UiLoginDisplayRealmBox: **0**
AutoResync: **0**
splitAtSign: **0**
UiLoginDisplayHelpButton: **0**
__timestamp__: **1486648120**
ReturnSamlAttributesOnFail: **0**
ReturnSamlAttributes: **1**
PrependPin: **1**
IncFailCountOnFalsePin: **0**
Resolver Configuration
----------------------
The following resolvers are defined. Resolvers are connections to user stores.
To learn more about resolvers read [#resolvers]_.
admins
~~~~~~~~~~~~~~~~~~
* Name of the resolver: admins
* Type of the resolver: passwdresolver
Configuration
.............
fileName: **/home/privacyidea/passwd**
Realm Configuration
-------------------
Several resolvers are grouped into realms.
To learn more about realms read [#realms]_.
The following realms have been defined from the resolvers:
administrators
~~~~~~~~~~~~~~~
* Name of the realm: administrators
**This is the default realm!**
Users in the default realm can authenticate without specifying the realm.
Users not in the default realm always need to specify the realm.
The following resolvers are configured in this realm:
* Name: admins
Priority: None
Type: passwdresolver
Policy Configuration
--------------------
Policies define the behaviour of privacyIDEA.
To learn more about policies read [#policies]_.
The following policies are defined in your system:
almighty_admin
~~~~~~~~~~~~~~~~~
time: ****
user: **[u'admin']**
resolver: **[]**
active: **False**
adminrealm: **[u'super']**
condition: **0**
realm: **[]**
client: **[]**
check_all_resolvers: **False**
action: **{u'set': True, u'revoke': True, u'adduser': True, u'enrollSMS': True, u'policydelete': True, u'policywrite': True, u'enrollTIQR': True, u'configdelete': True, u'machinelist': True, u'enrollREMOTE': True, u'setpin': True, u'resync': True, u'unassign': True, u'tokenrealms': True, u'enrollSPASS': True, u'auditlog': True, u'enrollPAPER': True, u'deleteuser': True, u'enrollEMAIL': True, u'resolverdelete': True, u'enrollMOTP': True, u'enrollPW': True, u'enrollHOTP': True, u'enrollQUESTION': True, u'enrollCERTIFICATE': True, u'copytokenuser': True, u'configwrite': True, u'enrollTOTP': True, u'enrollREGISTRATION': True, u'enrollYUBICO': True, u'reset': True, u'enable': True, u'enrollU2F': True, u'manage_machine_tokens': True, u'getrandom': True, u'system_documentation': True, u'caconnectordelete': True, u'caconnectorwrite': True, u'disable': True, u'radiusserver_write': True, u'getserial': True, u'enrollRADIUS': True, u'copytokenpin': True, u'set_hsm_password': True, u'updateuser': True, u'getchallenges': True, u'enroll4EYES': True, u'smtpserver_write': True, u'fetch_authentication_items': True, u'losttoken': True, u'enrollYUBIKEY': True, u'enrollDAPLUG': True, u'mresolverwrite': True, u'assign': True, u'userlist': True, u'enrollSSHKEY': True, u'importtokens': True, u'delete': True, u'resolverwrite': True, u'mresolverdelete': True}**
scope: **admin**
login
~~~~~~~~~~~~~~~~~
time: ****
user: **[u'webuser']**
resolver: **[]**
active: **False**
adminrealm: **[u'super']**
condition: **0**
realm: **[]**
client: **[]**
check_all_resolvers: **False**
action: **{u'fetch_authentication_items': True, u'getserial': True}**
scope: **admin**
Machine Configuration
---------------------
**TODO**
Token Configuration
-------------------
**TODO**
CA Configuration
----------------
**TODO**