diff options
| author | Pavel Reichl <preichl@redhat.com> | 2014-04-10 16:25:45 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-06-02 19:20:59 +0200 |
| commit | 9fd8065663084acaf88e7fe10a52c60e9a2a5411 (patch) | |
| tree | be6abde20bbac930cf0050109477850720454d37 /src/man/sssd-ldap.5.xml | |
| parent | 59af140ef81f6d0f10db9549089998f5e05631cb (diff) | |
| download | sssd-9fd8065663084acaf88e7fe10a52c60e9a2a5411.tar.gz sssd-9fd8065663084acaf88e7fe10a52c60e9a2a5411.tar.xz sssd-9fd8065663084acaf88e7fe10a52c60e9a2a5411.zip | |
MAN: hint nested groups by simple access provider
sssd-ldap hints to use the simple access provider if a nested group membership
is needed. Add explicit notice in sssd-simple about support of nested group
membership.
Resolves:
https://fedorahosted.org/sssd/ticket/2308
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Diffstat (limited to 'src/man/sssd-ldap.5.xml')
| -rw-r--r-- | src/man/sssd-ldap.5.xml | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index ef6bd7448..d0f3467ea 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -1854,7 +1854,14 @@ users being denied access. Use access_provider = permit to change this default behavior. Please note that this filter is applied on - the LDAP user entry only. + the LDAP user entry only and thus filtering based + on nested groups may not work (e.g. memberOf + attribute on AD entries points only to direct + parents). If filtering based on nested groups + is required, please see + <citerefentry> + <refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>. </para> <para> Example: |