diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2009-06-02 23:25:46 +0200 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-06-03 13:57:07 -0400 |
| commit | e267b6ac27f6755482de0a3503f987d4b8592c43 (patch) | |
| tree | 019878bedeeb79efdfbc53ad8a1939a09008d6f6 | |
| parent | e7514def89cbbf52cc49fbc0f8ad6fe642304331 (diff) | |
| download | sssd-e267b6ac27f6755482de0a3503f987d4b8592c43.tar.gz sssd-e267b6ac27f6755482de0a3503f987d4b8592c43.tar.xz sssd-e267b6ac27f6755482de0a3503f987d4b8592c43.zip | |
man page for LDAP domains
| -rw-r--r-- | server/Makefile.am | 2 | ||||
| -rw-r--r-- | server/man/sssd-ldap.5.xml | 232 |
2 files changed, 233 insertions, 1 deletions
diff --git a/server/Makefile.am b/server/Makefile.am index e38f1befe..00e7057e5 100644 --- a/server/Makefile.am +++ b/server/Makefile.am @@ -400,7 +400,7 @@ XSLTPROC_FLAGS = --catalogs --xinclude --nonet dist_man_MANS = man/sss_useradd.8 man/sss_userdel.8 man/sss_usermod.8 \ man/sss_groupadd.8 man/sss_groupdel.8 man/sss_groupmod.8 \ - man/sssd.8 man/sssd.conf.5 + man/sssd.8 man/sssd.conf.5 man/sssd-ldap.5 SUFFIXES = .1.xml .1 .3.xml .3 .5.xml .5 .8.xml .8 .1.xml.1: diff --git a/server/man/sssd-ldap.5.xml b/server/man/sssd-ldap.5.xml new file mode 100644 index 000000000..851220926 --- /dev/null +++ b/server/man/sssd-ldap.5.xml @@ -0,0 +1,232 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN" +"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"> +<reference> +<title>SSSD Manual pages</title> +<refentry> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" /> + + <refmeta> + <refentrytitle>sssd-ldap</refentrytitle> + <manvolnum>5</manvolnum> + <refmiscinfo class="manual">File Formats and Conventions</refmiscinfo> + </refmeta> + + <refnamediv id='name'> + <refname>sssd-ldap</refname> + <refpurpose>the configuration file for SSSD</refpurpose> + </refnamediv> + + <refsect1 id='description'> + <title>DESCRIPTION</title> + <para> + This manual page describes the configuration of LDAP + domains for + <citerefentry> + <refentrytitle>sssd</refentrytitle> + <manvolnum>8</manvolnum> + </citerefentry>. + For detailed syntax reference, please refer to + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> manual page, section <quote>FILE FORMAT</quote> + </para> + <para> + There can be more than one LDAP domain configured with SSSD. + </para> + </refsect1> + + <refsect1 id='file-format'> + <title>CONFIGURATION OPTIONS</title> + <para> + All the common configuration options for SSSD domains apply + for LDAP domains, too. See the + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> manual page, section <quote>DOMAIN SECTIONS</quote> + + <variablelist> + <varlistentry> + <term>ldapUri (string)</term> + <listitem> + <para> + Specifies the URI of the LDAP server to which + SSSD should connect. + </para> + <para> + Default: ldap://localhost + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>defaultBindDn (string)</term> + <listitem> + <para> + The default bind DN to use for + performing LDAP operations. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>userSearchBase (string)</term> + <listitem> + <para> + The default base DN to use for + performing LDAP operations. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>userNameAttribute (string)</term> + <listitem> + <para> + The LDAP attribute that corresponds to + user's login name. + </para> + <para> + Default: uid + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>userObjectClass (string)</term> + <listitem> + <para> + The object class of a user entry in LDAP. + </para> + <para> + Default: posixAccount + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>network_timeout (integer)</term> + <listitem> + <para> + Specifies the timeout (in seconds) after which + the + <citerefentry> + <refentrytitle>poll</refentrytitle> + <manvolnum>2</manvolnum> + </citerefentry>/<citerefentry> + <refentrytitle>select</refentrytitle> + <manvolnum>2</manvolnum> + </citerefentry> + following a + <citerefentry> + <refentrytitle>connect</refentrytitle> + <manvolnum>2</manvolnum> + </citerefentry> + returns in case of no activity. + </para> + <para> + Default: 5 + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>opt_timeout (integer)</term> + <listitem> + <para> + Specifies a timeout (in seconds) after which + calls to synchronous LDAP APIs will abort if no + response is received. + </para> + <para> + Default: 5 + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>tls_reqcert (string)</term> + <listitem> + <para> + Specifies what checks to perform on server + certificates in a TLS session, if any. It + can be specified as one of the following + values: + </para> + <para> + <emphasis>never</emphasis> = The client will + not request or check any server certificate. + </para> + <para> + <emphasis>allow</emphasis> = The server + certificate is requested. If no certificate is + provided, the session proceeds normally. If a + bad certificate is provided, it will be ignored + and the session proceeds normally. + </para> + <para> + <emphasis>try</emphasis> = The server certificate + is requested. If no certificate is provided, the + session proceeds normally. If a bad certificate + is provided, the session is immediately terminated. + </para> + <para> + <emphasis>demand</emphasis> = The server + certificate is requested. If no certificate + is provided, or a bad certificate is provided, + the session is immediately terminated. + </para> + <para> + <emphasis>hard</emphasis> = Same as + <quote>demand</quote> + </para> + </listitem> + </varlistentry> + + </variablelist> + </para> + </refsect1> + + <refsect1 id='example'> + <title>EXAMPLE</title> + <para> + The following example assumes that SSSD is correctly + configured and LDAP is set set one of the domains in the + <replaceable>[domains]</replaceable> section. + </para> + <para> +<programlisting> + [domains/LDAP] + auth-module = ldap + ldapUri = ldap://ldap.mydomain.org + userSearchBase = dc=mydomain,dc=org +</programlisting> + </para> + </refsect1> + + <refsect1 id='notes'> + <title>NOTES</title> + <para> + Description of some of the configuration options in this manual + page is based on <citerefentry> + <refentrytitle>ldap.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> manual page from the OpenLDAP 2.4 distribution. + </para> + </refsect1> + + <refsect1 id='see_also'> + <title>SEE ALSO</title> + <para> + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> + </para> + </refsect1> +</refentry> +</reference> |