diff options
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/sssd-ldap.5.xml | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index dca9938b8..613b63f69 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -1955,6 +1955,20 @@ ldap_access_filter = (employeeType=admin) be set for this feature to work. </para> <para> + <emphasis>ppolicy</emphasis>: use account locking. + If set, this option denies access in case that ldap + attribute 'pwdAccountLockedTime' is present and has + value of '000001010000Z' or represents any time in the past. + The value of 'pwdAccountLockedTime' attribute + must end with 'Z' as only UTC time zone is + currently suported. Please see the option + ldap_pwdlockout_dn. + + Please note that 'access_provider = ldap' must + be set for this feature to work. + </para> + + <para> <emphasis>expire</emphasis>: use ldap_account_expire_policy </para> |