diff options
author | Pavel Reichl <preichl@redhat.com> | 2015-03-26 12:38:32 -0400 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-27 16:34:05 +0100 |
commit | 4876ffc045dc73a868e28d250235edc462180a3c (patch) | |
tree | 13bed2f99b485763cfe6d99fb899c0d13b81e9e9 | |
parent | 21edb030269837885407b3de55bad2fe901d6cf7 (diff) | |
download | sssd-4876ffc045dc73a868e28d250235edc462180a3c.tar.gz sssd-4876ffc045dc73a868e28d250235edc462180a3c.tar.xz sssd-4876ffc045dc73a868e28d250235edc462180a3c.zip |
MAN: Update ppolicy description
Resolves:
https://fedorahosted.org/sssd/ticket/2612
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 1426ee8756a1df4ec0651417dce92e1dcc8a246d)
-rw-r--r-- | src/man/sssd-ldap.5.xml | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index 00da3964a..7de0faef2 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -1959,11 +1959,14 @@ ldap_access_filter = (employeeType=admin) If set, this option denies access in case that ldap attribute 'pwdAccountLockedTime' is present and has value of '000001010000Z' or represents any time in the past. - The value of 'pwdAccountLockedTime' attribute - must end with 'Z' as only UTC time zone is - currently suported. Please see the option - ldap_pwdlockout_dn. + The value of the 'pwdAccountLockedTime' attribute + must end with 'Z', which denotes the UTC time zone. + Other time zones are not currently supported and + will result in "access-denied" when users attempt + to log in. + + Please see the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' must be set for this feature to work. </para> |