Add ldap_chpass_uri config option

2 files changed, 6 insertions, 1 deletions

diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index e48e83ab9..9584de176 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -163,6 +163,10 @@ option_strings = {
     'ldap_account_expire_policy' : _('Which attributes shall be used to evaluate if an account is expired'),
     'ldap_access_order' : _('Which rules should be used to evaluate access control'),
 
+    # [provider/ldap/chpass]
+    'ldap_chpass_uri' : _('URI of an LDAP server where password changes are allowed'),
+    'ldap_chpass_dns_service_name' : _('DNS service name for LDAP password change server'),
+
     # [provider/simple/access]
     'simple_allow_users' : _('Comma separated list of allowed users'),
     'simple_deny_users' : _('Comma separated list of prohibited users'),
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index b7d2f9b2b..2d44fb4ba 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -84,4 +84,5 @@ ldap_account_expire_policy = str, None, false
 ldap_access_order = str, None, false
 
 [provider/ldap/chpass]
-
+ldap_chpass_uri = str, None, false
+ldap_chpass_dns_service_name = str, None, false