summaryrefslogtreecommitdiffstats
path: root/src/man/sssd-ldap.5.xml
diff options
context:
space:
mode:
Diffstat (limited to 'src/man/sssd-ldap.5.xml')
-rw-r--r--src/man/sssd-ldap.5.xml16
1 files changed, 16 insertions, 0 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 6426fe4fc..3738dc3ba 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -928,6 +928,22 @@
RFC2307 schema.
</para>
<para>
+ Note: This option specifies the guaranteed level of
+ nested groups to be processed for any lookup. However,
+ nested groups beyond this limit
+ <emphasis>may be</emphasis> returned if previous
+ lookups already resolved the deeper nesting levels.
+ Also, subsequent lookups for other groups may enlarge
+ the result set for original lookup if re-queried.
+ </para>
+ <para>
+ If ldap_group_nesting_level is set to 0 then no
+ nested groups are processed at all. However, when
+ connected to Active-Directory Server 2008 and later
+ it is furthermore required to disable usage of
+ Token-Groups by setting ldap_use_tokengroups to false.
+ </para>
+ <para>
Default: 2
</para>
</listitem>
generated by cgit (git 2.34.1) at 2024-06-15 10:03:12 +0000