From 35480afaefafb77b28d35b29039989ab888aafe9 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Thu, 6 May 2010 10:09:41 -0400
Subject: Add ldap_access_filter option

This option (applicable to access_provider=ldap) allows the admin
to set an additional LDAP search filter that must match in order
for a user to be granted access to the system.

Common examples for this would be limiting access to users by in a
particular group, for example:
ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
---
 src/config/SSSDConfigTest.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/config/SSSDConfigTest.py')

diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index 61c2f949..04d438e0 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -687,7 +687,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
         control_provider_dict = {
             'ipa': ['id', 'auth', 'access', 'chpass'],
             'local': ['id', 'auth', 'chpass'],
-            'ldap': ['id', 'auth', 'chpass'],
+            'ldap': ['id', 'auth', 'access', 'chpass'],
             'krb5': ['auth', 'chpass'],
             'proxy': ['id', 'auth'],
             'simple': ['access'],
-- 
cgit