From 1c48b5a62f73234ed26bb20f0ab345ab61cda0ab Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Thu, 18 Feb 2010 07:49:04 -0500 Subject: Rename server/ directory to src/ Also update BUILD.txt --- src/man/sssd-ipa.5.xml | 159 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) create mode 100644 src/man/sssd-ipa.5.xml (limited to 'src/man/sssd-ipa.5.xml') diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml new file mode 100644 index 00000000..d1ba1c52 --- /dev/null +++ b/src/man/sssd-ipa.5.xml @@ -0,0 +1,159 @@ + + + +SSSD Manual pages + + + + + sssd-ipa + 5 + File Formats and Conventions + + + + sssd-ipa + the configuration file for SSSD + + + + DESCRIPTION + + This manual page describes the configuration of the IPA provider + for + + sssd + 8 + . + For a detailed syntax reference, refer to the FILE FORMAT section of the + + sssd.conf + 5 + manual page. + + + The IPA provider is a back end used to connect to an IPA server. + (Refer to the freeipa.org web site for information about IPA servers.) + This provider requires that the machine be joined to the IPA domain; + configuration is almost entirely self-discovered and obtained + directly from the server. + + + The IPA provider accepts the same options used by the + + sssd-ldap + 5 + identity provider and the + + sssd-krb5 + 5 + authentication provider. + However, it is neither necessary nor recommended to set these options. + + + + + CONFIGURATION OPTIONS + Refer to the section DOMAIN SECTIONS of the + + sssd.conf + 5 + manual page for details on the configuration of an SSSD domain. + + + ipa_domain (string) + + + Specifies the name of the IPA domain. + This is optional. If not provided, the configuration + domain name is used. + + + + + + ipa_server (string) + + + The list of IP addresses or hostnames of the + IPA servers to which SSSD should connect in + the order of preference. For more information + on failover and server redundancy, see the + FAILOVER section. + This is optional if autodiscovery is enabled. + + + + + + ipa_hostname (string) + + + Optional. May be set on machines where the + hostname(5) does not reflect the fully qualified + name used in the IPA domain to identify this host. + + + + + + krb5_validate (boolean) + + + Verify with the help of krb5_keytab that the TGT + obtained has not been spoofed. + + + Default: true + + + Note that this default differs from the + traditional Kerberos provider back end. + + + + + + + + + + + + EXAMPLE + + The following example assumes that SSSD is correctly + configured and example.com is one of the domains in the + [sssd] section. This examples shows only + the ipa provider-specific options. + + + + [domain/example.com] + id_provider = ipa + ipa_server = ipaserver.example.com + ipa_hostname = myhost.example.com + + + + + + SEE ALSO + + + sssd.conf5 + , + + sssd-ldap5 + , + + sssd-krb55 + , + + sssd8 + + + + + -- cgit