diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2010-09-29 12:37:04 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-10-13 07:56:20 -0400 |
commit | 39b0adeaaf2429c7cbad045f7f8a79d51d02bee5 (patch) | |
tree | dc9e83062eb7a29fdaab535584b52e16c1799f84 | |
parent | 3b1df539835367cb81cd5ff0f9959947d5642e55 (diff) | |
download | sssd-39b0adeaaf2429c7cbad045f7f8a79d51d02bee5.tar.gz sssd-39b0adeaaf2429c7cbad045f7f8a79d51d02bee5.tar.bz2 sssd-39b0adeaaf2429c7cbad045f7f8a79d51d02bee5.zip |
Man pages should mention supported providers
Each back end can support id, auth or access provider, but each
back end supports different subset of these. Man pages should
describe which providers are supported by each back end.
Ticket: #615
-rw-r--r-- | src/man/sssd-ipa.5.xml | 4 | ||||
-rw-r--r-- | src/man/sssd-krb5.5.xml | 17 | ||||
-rw-r--r-- | src/man/sssd-ldap.5.xml | 12 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 8 |
4 files changed, 28 insertions, 13 deletions
diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml index 95f8613d..afa52e3c 100644 --- a/src/man/sssd-ipa.5.xml +++ b/src/man/sssd-ipa.5.xml @@ -50,6 +50,10 @@ <manvolnum>5</manvolnum> </citerefentry> authentication provider. However, it is neither necessary nor recommended to set these options. + IPA provider can also be used as an access and chpass provider. As an + access provider it uses HBAC (host-based access control) rules. Please + refer to freeipa.org for more information about HBAC. No configuration + of access provider is required on the client side. </para> </refsect1> diff --git a/src/man/sssd-krb5.5.xml b/src/man/sssd-krb5.5.xml index 489a5072..dbe96a1d 100644 --- a/src/man/sssd-krb5.5.xml +++ b/src/man/sssd-krb5.5.xml @@ -33,14 +33,15 @@ </citerefentry> manual page </para> <para> - The Kerberos 5 authentication backend does not contain an identity - provider and must be paired with one in order to function properly (for - example, id_provider = ldap). Some information required by the Kerberos - 5 authentication backend must be provided by the identity provider, such - as the user's Kerberos Principal Name (UPN). The configuration of the - identity provider should have an entry to specify the UPN. Please refer - to the man page for the applicable identity provider for details on how - to configure this. + The Kerberos 5 authentication backend contains auth and chpass + providers. It must be paired with identity provider in + order to function properly (for example, id_provider = ldap). Some + information required by the Kerberos 5 authentication backend must + be provided by the identity provider, such as the user's Kerberos + Principal Name (UPN). The configuration of the identity provider + should have an entry to specify the UPN. Please refer to the man + page for the applicable identity provider for details on how to + configure this. </para> <para> In the case where the UPN is not available in the identity backend diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index b32096dd..402ab906 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -35,11 +35,13 @@ You can configure SSSD to use more than one LDAP domain. </para> <para> - If you want to authenticate against an LDAP server then TLS/SSL is - required. <command>sssd</command> <emphasis>does not</emphasis> - support authentication over an unencrypted channel. If the LDAP - server is used only as an identify provider, an encrypted channel - is not needed. + LDAP back end supports id, auth, access and chpass providers. If you want + to authenticate against an LDAP server either TLS/SSL, LDAPS, or + LDAP+GSSAPI is required. <command>sssd</command> <emphasis>does + not</emphasis> support authentication over an unencrypted channel. + If the LDAP server is used only as an identity provider, an encrypted + channel is not needed. Please refer to <quote>ldap_access_filter</quote> + config option for more information about using LDAP as an access provider. </para> </refsect1> diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 850dfdd3..d00de05c 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -639,6 +639,14 @@ Supported change password providers are: </para> <para> + <quote>ipa</quote> to change a password stored + in an IPA server. See + <citerefentry> + <refentrytitle>sssd-ipa</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> for more information on configuring IPA. + </para> + <para> <quote>ldap</quote> to change a password stored in a LDAP server. See <citerefentry> |