diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-06 10:09:41 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-16 13:28:43 -0400 |
commit | fa26de3b1a8993a1c5a4b071851e5e5ff7ec2ce6 (patch) | |
tree | 7ce1399b2df00674a166ab1d6e387368667a6c70 /src/config/SSSDConfig.py | |
parent | 67421f2d62ceffb070070245a436bc46252b9420 (diff) | |
download | sssd-fa26de3b1a8993a1c5a4b071851e5e5ff7ec2ce6.tar.gz sssd-fa26de3b1a8993a1c5a4b071851e5e5ff7ec2ce6.tar.xz sssd-fa26de3b1a8993a1c5a4b071851e5e5ff7ec2ce6.zip |
Add ldap_access_filter option
This option (applicable to access_provider=ldap) allows the admin
to set an additional LDAP search filter that must match in order
for a user to be granted access to the system.
Common examples for this would be limiting access to users by in a
particular group, for example:
ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
Diffstat (limited to 'src/config/SSSDConfig.py')
-rw-r--r-- | src/config/SSSDConfig.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index 7082861d6..6baf3476c 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -150,6 +150,9 @@ option_strings = { # [provider/ldap/auth] 'ldap_pwd_policy' : _('Policy to evaluate the password expiration'), + # [provider/ldap/access] + 'ldap_access_filter' : _('LDAP filter to determine access privileges'), + # [provider/simple/access] 'simple_allow_users' : _('Comma separated list of allowed users'), 'simple_deny_users' : _('Comma separated list of prohibited users'), |