From a2e6bd6ed16c92799d435043450f6156a773a6dc Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 23 Aug 2011 23:19:57 +0200
Subject: Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON

https://fedorahosted.org/sssd/ticket/978
---
 src/config/SSSDConfig.py                 | 1 +
 src/config/etc/sssd.api.d/sssd-ldap.conf | 1 +
 2 files changed, 2 insertions(+)

(limited to 'src/config')

diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index 53bd14f0..77a57c66 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -149,6 +149,7 @@ option_strings = {
     'ldap_dns_service_name' : _('Service name for DNS service lookups'),
     'ldap_page_size' : _('The number of records to retrieve in a single LDAP query'),
     'ldap_deref_threshold' : _('The number of members that must be missing to trigger a full deref'),
+    'ldap_sasl_canonicalize' : _('Whether the LDAP library should perform a reverse lookup to canonicalize the host name during a SASL bind'),
 
     'ldap_entry_usn' : _('entryUSN attribute'),
     'ldap_rootdse_last_usn' : _('lastUSN attribute'),
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 18321cad..78a7fa34 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -29,6 +29,7 @@ ldap_dns_service_name = str, None, false
 ldap_deref = str, None, false
 ldap_page_size = int, None, false
 ldap_deref_threshold = int, None, false
+ldap_sasl_canonicalize = bool, None, false
 
 [provider/ldap/id]
 ldap_search_timeout = int, None, false
-- 
cgit