diff options
| author | Simo Sorce <simo@redhat.com> | 2013-03-15 15:27:31 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-03-20 11:49:50 +0100 |
| commit | fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934 (patch) | |
| tree | 333f20454afe5782e569a41d929631d938905151 /src/config | |
| parent | dfd71fc92db940b2892cc996911cec03d7b6c52b (diff) | |
| download | sssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.tar.gz sssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.tar.xz sssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.zip | |
ldap: Fallback option for rfc2307 schema
Add option to fallback to fetch local users if rfc2307is being used.
This is useful for cases where people added local users as LDAP members
and rely on these group memberships to be maintained on the local host.
Disabled by default as it violates identity domain separation.
Ticket:
https://fedorahosted.org/sssd/ticket/1020
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 |
3 files changed, 3 insertions, 0 deletions
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 0154e6aa9..85e34cb18 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -104,6 +104,7 @@ ldap_idmap_default_domain = str, None, false ldap_idmap_default_domain_sid = str, None, false ldap_groups_use_matching_rule_in_chain = bool, None, false ldap_initgroups_use_matching_rule_in_chain = bool, None, false +ldap_rfc2307_fallback_to_local_users = bool, None, false [provider/ad/auth] krb5_ccachedir = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 87f69a23f..e9c7b2326 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -125,6 +125,7 @@ ldap_idmap_default_domain = str, None, false ldap_idmap_default_domain_sid = str, None, false ldap_groups_use_matching_rule_in_chain = bool, None, false ldap_initgroups_use_matching_rule_in_chain = bool, None, false +ldap_rfc2307_fallback_to_local_users = bool, None, false [provider/ipa/auth] krb5_ccachedir = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 3b6b4e8fb..40e2aa09d 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -114,6 +114,7 @@ ldap_idmap_default_domain = str, None, false ldap_idmap_default_domain_sid = str, None, false ldap_groups_use_matching_rule_in_chain = bool, None, false ldap_initgroups_use_matching_rule_in_chain = bool, None, false +ldap_rfc2307_fallback_to_local_users = bool, None, false [provider/ldap/auth] ldap_pwd_policy = str, None, false |