man: document the need to set ldap_access_order

https://fedorahosted.org/sssd/ticket/1789 ldap_access_order must be set in order to non-default access control options to work. This patch amends the sssd-ldap man page to document this fact with all non-default ldap_access_order options.
author: Jakub Hrozek <jhrozek@redhat.com> 2013-06-09 12:14:07 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-06-10 15:30:24 +0200
commit: 2461079ba20a42f47d7cf7982664f654c9286b59 (patch)
tree: fb287b1465447ea7379c204d6e682c43a860e3c8 /src/man
parent: 65c2e0045f2decf3b565ebedae07560cb097e0e5 (diff)
download: sssd-2461079ba20a42f47d7cf7982664f654c9286b59.tar.gz
sssd-2461079ba20a42f47d7cf7982664f654c9286b59.tar.xz
sssd-2461079ba20a42f47d7cf7982664f654c9286b59.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 37df5ec1b..97b5fdc57 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -717,6 +717,13 @@
                             for allow_all (*).
                         </para>
                         <para>
+                            Please note that the ldap_access_order
+                            configuration option <emphasis>must</emphasis> include
+                            <quote>authorized_service</quote> in order for the
+                            ldap_user_authorized_service option
+                            to work.
+                        </para>
+                        <para>
                             Default: authorizedService
                         </para>
                     </listitem>
@@ -737,6 +744,13 @@
                             for allow_all (*).
                         </para>
                         <para>
+                            Please note that the ldap_access_order
+                            configuration option <emphasis>must</emphasis>
+                            include <quote>host</quote> in order for the
+                            ldap_user_authorized_host option
+                            to work.
+                        </para>
+                        <para>
                             Default: host
                         </para>
                     </listitem>
@@ -1759,6 +1773,13 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com
                             <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/experimental.xml" />
                         </para>
                         <para>
+                            Please note that the ldap_access_order
+                            configuration option <emphasis>must</emphasis>
+                            include <quote>expire</quote> in order for the
+                            ldap_account_expire_policy option
+                            to work.
+                        </para>
+                        <para>
                             Default: Empty
                         </para>
                     </listitem>
author	Jakub Hrozek <jhrozek@redhat.com>	2013-06-09 12:14:07 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-06-10 15:30:24 +0200
commit	2461079ba20a42f47d7cf7982664f654c9286b59 (patch)
tree	fb287b1465447ea7379c204d6e682c43a860e3c8 /src/man
parent	65c2e0045f2decf3b565ebedae07560cb097e0e5 (diff)
download	sssd-2461079ba20a42f47d7cf7982664f654c9286b59.tar.gz sssd-2461079ba20a42f47d7cf7982664f654c9286b59.tar.xz sssd-2461079ba20a42f47d7cf7982664f654c9286b59.zip