diff options
| author | Sumit Bose <sbose@redhat.com> | 2010-12-22 18:25:45 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-19 09:53:20 -0500 |
| commit | d73fcc5183a676aed4fd040714b87274248b784c (patch) | |
| tree | b1ce3d709a7539b7fa16e2bbf3c8aaf2716070c0 /src/man | |
| parent | 22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18 (diff) | |
| download | sssd-d73fcc5183a676aed4fd040714b87274248b784c.tar.gz sssd-d73fcc5183a676aed4fd040714b87274248b784c.tar.xz sssd-d73fcc5183a676aed4fd040714b87274248b784c.zip | |
Add LDAP expire policy base RHDS/IPA attribute
The attribute nsAccountLock is used by RHDS, IPA and other directory
servers to indicate that the account is locked.
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/sssd-ldap.5.xml | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index 65c679d61..b133b3bcc 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -464,6 +464,20 @@ </varlistentry> <varlistentry> + <term>ldap_ns_account_lock (string)</term> + <listitem> + <para> + When using ldap_account_expire_policy=rhds or + equivalent, this parameter determines if access is + allowed or not. + </para> + <para> + Default: nsAccountLock + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>ldap_user_principal (string)</term> <listitem> <para> @@ -1163,6 +1177,12 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com expiration time of the account is checked. </para> <para> + <emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, + <emphasis>389ds</emphasis>: + use the value of ldap_ns_account_lock to check if + access is allowed or not. + </para> + <para> Default: Empty </para> </listitem> |