diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2010-05-11 17:51:55 +0200 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-16 13:28:12 -0400 |
| commit | ec93a5f5d677b006923cc3691e79735f9e40be33 (patch) | |
| tree | 6f621a85ad90708513bfc49b39428e3c39f4cbb5 /src/config | |
| parent | ef6cf2b176e40cf59ef19053ebf3ab29ef2a158b (diff) | |
| download | sssd-ec93a5f5d677b006923cc3691e79735f9e40be33.tar.gz sssd-ec93a5f5d677b006923cc3691e79735f9e40be33.tar.xz sssd-ec93a5f5d677b006923cc3691e79735f9e40be33.zip | |
SSSDConfigAPI fixes
* add forgotten ldap_dns_service option
* sync IPA and LDAP options (ldap_pwd_policy and ldap_tls_cacertdir)
* ldap_uri is no longer mandatory for LDAP provider - the default is to
use service discovery with no address set now. Ditto for krb5_kdcip
and ipa_server
Diffstat (limited to 'src/config')
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 4 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 6 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-krb5.conf | 2 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 4 |
4 files changed, 10 insertions, 6 deletions
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 7b005f6ca..32bb71239 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -641,9 +641,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): domain.add_provider('krb5', 'auth') backup_list = control_list[:] - control_list.extend( - ['krb5_kdcip', - 'krb5_realm']) + control_list.extend(['krb5_realm']) options = domain.list_mandatory_options() diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index f71498cc2..60835d5df 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -1,6 +1,6 @@ [provider/ipa] ipa_domain = str, None, true -ipa_server = str, None, true +ipa_server = str, None, false ipa_hostname = str, None, false ldap_uri = str, None, false ldap_search_base = str, None, false @@ -12,6 +12,7 @@ ldap_network_timeout = int, None, false ldap_opt_timeout = int, None, false ldap_offline_timeout = int, None, false ldap_tls_cacert = str, None, false +ldap_tls_cacertdir = str, None, false ldap_tls_reqcert = str, None, false ldap_sasl_mech = str, None, false ldap_sasl_authid = str, None, false @@ -24,6 +25,8 @@ ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false ldap_rootdse_last_usn = str, None, false ldap_referrals = bool, None, false +ldap_krb5_ticket_lifetime = int, None, false +ldap_dns_service_name = str, None, false [provider/ipa/id] ldap_search_timeout = int, None, false @@ -71,6 +74,7 @@ krb5_ccachedir = str, None, false krb5_ccname_template = str, None, false krb5_keytab = str, None, false krb5_validate = bool, None, false +ldap_pwd_policy = str, None, false [provider/ipa/access] diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf index f03ce6dbd..a9c8230b2 100644 --- a/src/config/etc/sssd.api.d/sssd-krb5.conf +++ b/src/config/etc/sssd.api.d/sssd-krb5.conf @@ -1,5 +1,5 @@ [provider/krb5] -krb5_kdcip = str, None, true +krb5_kdcip = str, None, false krb5_realm = str, None, true krb5_auth_timeout = int, None, false krb5_kpasswd = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index d2b47e13b..abcb5199d 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -1,5 +1,5 @@ [provider/ldap] -ldap_uri = str, None, true +ldap_uri = str, None, false ldap_search_base = str, None, true ldap_schema = str, None, true, rfc2307 ldap_default_bind_dn = str, None, false @@ -20,6 +20,8 @@ ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false ldap_rootdse_last_usn = str, None, false ldap_referrals = bool, None, false +ldap_krb5_ticket_lifetime = int, None, false +ldap_dns_service_name = str, None, false [provider/ldap/id] ldap_search_timeout = int, None, false |