summaryrefslogtreecommitdiffstats
path: root/server/man
Commit message (Collapse)AuthorAgeFilesLines
* Add support for offline auth cache timeoutStephen Gallagher2009-10-221-0/+21
| | | | | | | | | This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
* User home directories managementJakub Hrozek2009-10-223-0/+154
| | | | | | Create and populate user directories on useradd, delete them on userdel Fixes: #212
* Start implementing ipa specific options.Simo Sorce2009-10-201-0/+182
| | | | | First step generate ldap options from ipa options. Add sssd-ipa man page too.
* more implicit provider target settingsSumit Bose2009-10-151-1/+28
| | | | | | | | | If auth_provider or access_provider is ont set explicitly id_provider is used if it can handle auth or access control requests respectively. If not auth defaults to 'none' and the access_provider is set to 'permit'. The option 'deny' is added for the access_provider to explicitly deny access.
* set chpass_provider implicit if not set explicitSumit Bose2009-10-151-0/+7
| | | | | | - if chpass_provider is not given in the configuration file but an auth_provider and the auth_provider can also handle change password requests it is used as chpass_provider.
* Remove magicPrivateGroups optionSimo Sorce2009-10-091-41/+0
| | | | | | | | | In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided.
* add description of chpass_provider option to sssd.conf man pageSumit Bose2009-10-081-0/+30
|
* more documentation and test for sssd.confSumit Bose2009-10-051-0/+5
| | | | | - add a hint to the man page about permissions on sssd.conf - add a test if a symbolic link can be opened
* Initial implementation of sasl bind supportSimo Sorce2009-10-011-0/+79
| | | | | | Inits krb5 credentials, if sasl mech is GSSAPI. Tested with GSSAPI and host keytab as well as user credentials. Updates also manpages with the new options.
* remove krb5_try_simple_upn option and make it a default fallbackSumit Bose2009-09-251-14/+16
|
* Send debug messages to logfileJakub Hrozek2009-09-251-0/+12
| | | | | | | | | | | | | Introduces a new option --debug-to-files which makes SSSD output its debug information to a file instead of stderr, which is still the default. Also introduces a new confdb option debug_to_files which does the same, but can be specified per-service in the config file. The logfiles are stored in /var/log/sssd by default. Changes the initscript to log to files by default.
* add new config options ldap_tls_cacert and ldap_tls_cacertdirSumit Bose2009-09-251-0/+43
|
* Manpages updateJakub Hrozek2009-09-253-224/+193
|
* added support for older MIT kerberos versionssbose2009-09-241-0/+89
| | | | | | | | | - make the build of the locator plugin optional - added a man page for the locator plugin - use krb5.h if krb5/krb5.h cannot be found - added alternatives for missing functions - set -DDBUS_API_SUBJECT_TO_CHANGE if libdbus version is lesser than 1.0.0
* add a man page for pam_sssSumit Bose2009-09-231-0/+3
|
* Remove provider=filesJakub Hrozek2009-09-231-11/+1
| | | | | | | Remove this provider type, as well as any references in the docs and examples to the "LEGACYLOCAL" migration domain. Fixes: #165
* Include groupSearchBase in sssd-ldap(5) manpageStephen Gallagher2009-09-181-1/+11
|
* Add missing reference to sssd-ldap(5) in sssd.conf(5) manpageStephen Gallagher2009-09-181-0/+3
|
* added child timeout handlerSumit Bose2009-09-141-0/+14
|
* add krb5ccache_dir and krb5ccname_template optionSumit Bose2009-09-141-0/+71
| | | | | | | | The configuration options krb5ccache_dir and krb5ccname_template are added to the Kerberos provider to create the user's credential caches the same way as pam_krb5 does. Due to the design of the sssd and the supported ccache types of MIT Kerberos only files are allowed.
* add change password target to krb5 backendSumit Bose2009-09-111-1/+16
|
* Update documentation and examplesSimo Sorce2009-09-112-15/+30
| | | | | | | Remove the "legacy" option from examples and man pages. Legacy is is finally R.I.P Add docs for ldapSchema in sssd-ldap man page.
* Small changes to the example config and manpageJakub Hrozek2009-09-111-12/+25
| | | | | | | | | Remove magicPrivateGroups since it's set automatically, use bool values for enumerate. Also add a notice about krb5 auth-module with a link to specialized manpage to sssd.conf(5) similar to what we have for ldap auth-module. Move both outside proxy domain description.
* Update manpage to reflect new syntax for enumerateStephen Gallagher2009-09-101-12/+6
|
* Add support for the EntryCacheNoWaitRefreshTimeoutStephen Gallagher2009-09-091-0/+13
| | | | | | | | This timeout specifies the lifetime of a cache entry before it is updated out-of-band. When this timeout is hit, the request will still complete from cache, but the SSSD will also go and update the cached entry in the background to extend the life of the cache entry and reduce the wait time of a future request.
* more fixes for older libpcre versionssbose2009-09-091-1/+6
| | | | | - older version of libpcre only support the Python syntax (?P<name>) for named subpatterns
* check if libpcre version is above or below 7Sumit Bose2009-09-011-0/+7
| | | | | PCRE_DUPNAMES is a new feature of libpcre 7. It is used in sssd to make the splitting of fully qualified user names more flexible.
* some UPN handling fixesSumit Bose2009-08-242-0/+30
| | | | | | - making the realm part upper case is now optional and done in the LDAP backend - using a username@realm UPN is now optional
* extended the documentation of LDAP backendSumit Bose2009-08-211-4/+185
| | | | | Added man pages sections about user and group attribute mapping. Added an example configuration to access an AD server.
* fix handling of filtersUsers in groupsSumit Bose2009-08-211-0/+12
| | | | | | | | - with the boolean option filterUsersInGroups it can be controlled wether filtered users appear in groups or not. - fixed an error which prevented the display of groups with filtered members - removed some tab indents
* Support Docbook 4.4Stephen Gallagher2009-08-2010-20/+20
| | | | | RHEL5 did not support Docbook 4.5, and we are not using any 4.5 features.
* Make the LOCAL provider always use MagicPrivateGroupsStephen Gallagher2009-08-201-1/+7
| | | | Also updates the manpage for sssd.conf to denote this
* enable usage of defaultBindDnSumit Bose2009-08-191-0/+21
|
* Make "files" a reserved word for legacy local domainJakub Hrozek2009-08-131-1/+11
| | | | | | | | This patch introduces provider=files as a valid provider. Upon loading the backend, its properties in confdb are overwritten to those that represent legacy local domain. Also document this in sssd.conf(5) and example config
* added kerberos backend with tevent_req event handlingSumit Bose2009-07-021-0/+98
|
* Remove redundant libPath option from proxy providerStephen Gallagher2009-06-301-12/+0
| | | | | The libPath should be constructed from the libName. There is no benefit to specifying it separately.
* man page for LDAP domainsJakub Hrozek2009-06-031-0/+232
|
* sssd.conf(5) man pageJakub Hrozek2009-06-021-0/+654
|
* Add more manpagesJakub Hrozek2009-06-017-7/+588
|
* Manpage generationJakub Hrozek2009-05-143-0/+152
Provides a set of make rules for generating UNIX manual pages from DocBook 4.5 source as well as sample manpage for sss_useradd. Automatic generation of manual pages during "make" process is tunable with config parameter "--with-manpages". To rebuild the man pages separately, use the "make doc" target. Before building, the manpages are validated using a DTD schema.
generated by cgit (git 2.34.1) at 2024-05-03 01:36:45 +0000