From f20c082881ba287c5de415b983c1e54fee987b4b Mon Sep 17 00:00:00 2001 From: Dan Lavu Date: Mon, 30 Nov 2015 04:51:00 -0500 Subject: Clarify that subdomains always use service discovery Reviewed-by: Jakub Hrozek --- src/man/sssd-ad.5.xml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 047cf046..725663b7 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -42,9 +42,10 @@ or later. Earlier versions may work, but are unsupported. - The AD provider is able to provide identity information and - authentication for entities from trusted domains as well. Currently - only trusted domains in the same forest are recognized. + The AD provider can be used to get user information + and authenticate users from trusted domains. Currently + only trusted domains in the same forest are recognized. In + addition servers from trusted domains are always auto-discovered. The AD provider accepts the same options used by the @@ -121,10 +122,17 @@ ldap_id_mapping = False connect in order of preference. For more information on failover and server redundancy, see the FAILOVER section. + + This is optional if autodiscovery is enabled. For more information on service discovery, refer to the SERVICE DISCOVERY section. + + Note: Trusted domains will always auto-discover + servers even if the primary server is explicitly + defined in the ad_server option. + -- cgit