diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2013-11-29 11:39:09 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-12-19 17:42:05 +0100 |
| commit | d26b5b2526846f3c1d8ea54914bbea2cd0cb2826 (patch) | |
| tree | 8e7a126b8b641a463de305bc78e0eeb9d48f1b7e /src/man | |
| parent | 97d3ef21d9f293f0b4bc0cc38b37f4e3d54d3572 (diff) | |
| download | sssd-d26b5b2526846f3c1d8ea54914bbea2cd0cb2826.tar.gz sssd-d26b5b2526846f3c1d8ea54914bbea2cd0cb2826.tar.xz sssd-d26b5b2526846f3c1d8ea54914bbea2cd0cb2826.zip | |
AD: Add a new option to turn off GC lookups
SSSD now defaults to using GC by default. For some environments, for
instance those that don't or can't replicate the POSIX attributes to
Global Catalog, this might not be desirable.
This patch introduces a new option ad_enable_gc, that is enabled by
default. Setting this option to false makes the SSSD contact only the
LDAP port of AD DCs.
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/sssd-ad.5.xml | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index e31f87a96..38cc31278 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -228,6 +228,23 @@ FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com) </varlistentry> <varlistentry> + <term>ad_enable_gc (boolean)</term> + <listitem> + <para> + By default, the SSSD connects to the Global + Catalog first to retrieve users and uses the + LDAP port to retrieve group memberships or + as a fallback. Disabling this option makes + the SSSD only connect to the LDAP port of the + current AD server. + </para> + <para> + Default: true + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>dyndns_update (boolean)</term> <listitem> <para> |