Add the whole shell script to setup SSSD

topics/user-federation/sssd.adoc

@@ -49,10 +49,60 @@ You should be prompted for the password. After that, you may be able to add user
 
 ==== SSSD and D-Bus
 
-As mentioned before, the federation provider gets the data from SSSD via D-BUS and authentication happens using http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM]. All you have to is to run the provisioning script available at {{book.project.name}} distribution.
+As mentioned before, the federation provider gets the data from SSSD via D-BUS and authentication happens using http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM].
+
+{% if book.community %}
+
+All you have to is to run the provisioning script available at {{book.project.name}} distribution.
 
   $ bin/federation-sssd-setup.sh
 
+{% endif %}
+
+{% if book.community %}
+
+All you have to is to copy and run the provisioning script below:
+
+[source,bash]
+----
+
+#!/bin/sh
+
+# Setup for SSSD
+SSSD_FILE="/etc/sssd/sssd.conf"
+
+if [ -f "$SSSD_FILE" ];
+then
+  sed -i '/ldap_tls_cacert/a ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname, telephoneNumber:telephoneNumber' $SSSD_FILE
+  sed -i 's/nss, sudo, pam/nss, sudo, pam, ifp/' $SSSD_FILE
+  sed -i '/\[ifp\]/a allowed_uids = root\nuser_attributes = +mail, +telephoneNumber, +givenname, +sn' $SSSD_FILE
+  systemctl restart sssd
+else
+  echo "Please make sure you have $SSSD_FILE into your system! Aborting."
+  exit 1
+fi
+
+# Setup for PAM
+PAM_FILE="/etc/pam.d/keycloak"
+
+if [ ! -f "$PAM_FILE" ];
+then
+cat <<EOF > $PAM_FILE
+  auth    required   pam_sss.so
+  account required   pam_sss.so
+EOF
+else
+  echo "$PAM_FILE already exists. Skipping it..."
+  exit 0
+fi
+
+
+
+----
+{% endif %}
+
+
+
 This script do the proper changes to `/etc/sssd/sssd.conf`:
 
   [domain/your-hostname.local]