From 7df5fd383ed1f1b26c0a9a0071d6e4fc612550e7 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 19 Nov 2012 17:34:56 +0100
Subject: LDAP: Make it possible to use full principal in ldap_sasl_authid
 again

---
 src/man/sssd-ldap.5.xml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/man')

diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 2d62c11f2..b1be45fe2 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -1418,6 +1418,9 @@
                             Specify the SASL authorization id to use.
                             When GSSAPI is used, this represents the Kerberos
                             principal used for authentication to the directory.
+                            This option can either contain the full principal (for
+                            example host/myhost@EXAMPLE.COM) or just the principal name
+                            (for example host/myhost).
                         </para>
                         <para>
                             Default: host/hostname@REALM
@@ -1431,6 +1434,8 @@
                         <para>
                             Specify the SASL realm to use. When not specified,
                             this option defaults to the value of krb5_realm.
+                            If the ldap_sasl_authid contains the realm as well,
+                            this option is ignored.
                         </para>
                         <para>
                             Default: the value of krb5_realm.
-- 
cgit