summaryrefslogtreecommitdiffstats
path: root/src/man/sssd-ldap.5.xml
Commit message (Collapse)AuthorAgeFilesLines
* Add authorizedService supportStephen Gallagher2010-12-211-0/+26
| | | | https://fedorahosted.org/sssd/ticket/670
* Replace krb5_kdcip by krb5_server in LDAP providerSumit Bose2010-12-071-1/+7
|
* Add ldap_chpass_uri config optionSumit Bose2010-12-061-0/+34
|
* Add new account expired rule to LDAP access providerSumit Bose2010-12-061-1/+54
| | | | | | | | | | | | | | Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
* Allow protocol fallback for SRV queriesJakub Hrozek2010-12-011-0/+5
| | | | https://fedorahosted.org/sssd/ticket/691
* Fix man pageSumit Bose2010-11-191-2/+2
| | | | | | Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication.
* Properly document ldap_purge_cache_timeoutStephen Gallagher2010-11-151-0/+19
| | | | Also allow it to be disabled entirely
* Review comments for namingContexts patchesSumit Bose2010-11-051-9/+3
|
* Make ldap_search_base a non-mandatory optionSumit Bose2010-11-041-3/+20
|
* Add ldap_deref optionSumit Bose2010-10-221-0/+35
|
* Move all references to ldap_<entity>_search_base to "advanced" sectionJan Zeleny2010-10-181-42/+52
| | | | | | | The <entity> can be one of user, group or netgroup. The references were removed from example configuration and they were moved from section Configuration options to section Advanced options. Ticket: #607
* Add option to limit nested groupsSimo Sorce2010-10-181-0/+16
|
* Add infrastructure to LDAP provider for netgroup supportSumit Bose2010-10-131-0/+91
|
* Add KDC to the list of LDAP optionsJakub Hrozek2010-10-131-0/+18
|
* Man pages should mention supported providersJan Zeleny2010-10-131-5/+7
| | | | | | | Each back end can support id, auth or access provider, but each back end supports different subset of these. Man pages should describe which providers are supported by each back end. Ticket: #615
* Deobfuscate password in back endsJakub Hrozek2010-09-081-1/+10
| | | | | | When obfuscated password is used in config file, the LDAP backend converts it back to clear text and uses it to authenticate to the server.
* Reviewed sssd-ldap man pageJan Zeleny2010-09-071-7/+207
| | | | Some config options updated, newly documented 12 new options.
* Standardize on correct spelling of "principal" for krb5Stephen Gallagher2010-06-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/542
* Add ldap_access_filter optionStephen Gallagher2010-05-271-0/+39
| | | | | | | | | | This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
* Add ldap_krb5_ticket_lifetime optionSumit Bose2010-05-161-0/+13
|
* Use service discovery in backendsJakub Hrozek2010-05-071-3/+17
| | | | | | | | | Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set.
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+688
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-05-03 00:51:38 +0000