MAN: AD Provider GSSAPI clarification

Explicitly state that the AD provider uses Kerberos and GSSAPI for encrypting traffic to avoid attempted custom configurations with SSL/TLS Resolves: https://pagure.io/SSSD/sssd/issue/3377 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
author: Justin Stephenson <jstephen@redhat.com> 2017-05-05 16:19:04 -0400
committer: Jakub Hrozek <jhrozek@redhat.com> 2017-05-09 13:26:36 +0200
commit: 133ee2239498b4c4fd95e509b72f2e9ef2620584 (patch)
tree: 6196400206ed11292f2b5f7a59627789be239bac
parent: 2186f88e0449f2303dc84e98c88379ccf8e55714 (diff)
download: sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.tar.gz
sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.tar.xz
sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml
index f9aadc78a..cd25bf7fa 100644
--- a/src/man/sssd-ad.5.xml
+++ b/src/man/sssd-ad.5.xml
@@ -35,7 +35,10 @@
         <para>
             The AD provider is a back end used to connect to an Active
             Directory server. This provider requires that the machine be
-            joined to the AD domain and a keytab is available.
+            joined to the AD domain and a keytab is available. Back end
+            communication occurs over a GSSAPI-encrypted channel, SSL/TLS
+            options should not be used with the AD provider and will be
+            superceded by Kerberos usage.
         </para>
         <para>
             The AD provider supports connecting to Active Directory 2008 R2
author	Justin Stephenson <jstephen@redhat.com>	2017-05-05 16:19:04 -0400
committer	Jakub Hrozek <jhrozek@redhat.com>	2017-05-09 13:26:36 +0200
commit	133ee2239498b4c4fd95e509b72f2e9ef2620584 (patch)
tree	6196400206ed11292f2b5f7a59627789be239bac
parent	2186f88e0449f2303dc84e98c88379ccf8e55714 (diff)
download	sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.tar.gz sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.tar.xz sssd-133ee2239498b4c4fd95e509b72f2e9ef2620584.zip