diff options
| author | Pavel Reichl <preichl@redhat.com> | 2015-01-07 09:40:45 +0000 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-26 23:29:17 +0100 |
| commit | b22e0da9e644f5eb84ee0c8986979fec3fe7eb56 (patch) | |
| tree | a905720ef4a1ced0dafa367fba21db3905953a25 /src | |
| parent | fc2146c108e28d50bbf691925cedf9592142dd14 (diff) | |
| download | sssd-b22e0da9e644f5eb84ee0c8986979fec3fe7eb56.tar.gz sssd-b22e0da9e644f5eb84ee0c8986979fec3fe7eb56.tar.xz sssd-b22e0da9e644f5eb84ee0c8986979fec3fe7eb56.zip | |
AD: add new option ad_site
This option overrides a result of the automatic site discovery.
Resolves:
https://fedorahosted.org/sssd/ticket/2486
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 2 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
| -rw-r--r-- | src/man/sssd-ad.5.xml | 14 | ||||
| -rw-r--r-- | src/providers/ad/ad_common.h | 1 | ||||
| -rw-r--r-- | src/providers/ad/ad_opts.h | 1 |
5 files changed, 19 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index 500bd717f..ae00a2b7f 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -188,6 +188,8 @@ option_strings = { 'ad_gpo_map_permit' : _('PAM service names for which GPO-based access is always granted'), 'ad_gpo_map_deny' : _('PAM service names for which GPO-based access is always denied'), 'ad_gpo_default_right' : _('Default logon right (or permit/deny) to use for unmapped PAM service names'), + 'ad_site' : _('a particular site to be used by the client'), + # [provider/krb5] 'krb5_kdcip' : _('Kerberos server address'), 'krb5_server' : _('Kerberos server address'), diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 3496fb400..5a5ea0c36 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -16,6 +16,7 @@ ad_gpo_map_service = str, None, false ad_gpo_map_permit = str, None, false ad_gpo_map_deny = str, None, false ad_gpo_default_right = str, None, false +ad_site = str, None, false ldap_uri = str, None, false ldap_backup_uri = str, None, false ldap_search_base = str, None, false diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 1b33f28ab..2d3c88c6e 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -228,6 +228,20 @@ FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com) </varlistentry> <varlistentry> + <term>ad_site (string)</term> + <listitem> + <para> + Specify AD site to which client should try to connect. + If this option is not provided, the AD site will be + auto-discovered. + </para> + <para> + Default: Not set + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>ad_enable_gc (boolean)</term> <listitem> <para> diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h index b39ade40c..dcd70bf94 100644 --- a/src/providers/ad/ad_common.h +++ b/src/providers/ad/ad_common.h @@ -60,6 +60,7 @@ enum ad_basic_opt { AD_GPO_MAP_PERMIT, AD_GPO_MAP_DENY, AD_GPO_DEFAULT_RIGHT, + AD_SITE, AD_KRB5_CONFD_PATH, AD_OPTS_BASIC /* opts counter */ diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h index d9405e502..f4c1c523b 100644 --- a/src/providers/ad/ad_opts.h +++ b/src/providers/ad/ad_opts.h @@ -48,6 +48,7 @@ struct dp_option ad_basic_opts[] = { { "ad_gpo_map_permit", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ad_gpo_map_deny", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ad_gpo_default_right", DP_OPT_STRING, NULL_STRING, NULL_STRING }, + { "ad_site", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "krb5_confd_path", DP_OPT_STRING, { KRB5_MAPPING_DIR }, NULL_STRING }, DP_OPTION_TERMINATOR }; |