diff options
| author | Sumit Bose <sbose@redhat.com> | 2009-11-16 13:56:57 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-11-23 12:46:29 -0500 |
| commit | be1697216fc62578c00606458b0ff390c575ef67 (patch) | |
| tree | 7b4226269267824c1eb68a1555d0266dfa9fbf00 /server/man/sssd-ldap.5.xml | |
| parent | e115c25af2df3549fb44b260e516d8c93d2adc8a (diff) | |
| download | sssd-be1697216fc62578c00606458b0ff390c575ef67.tar.gz sssd-be1697216fc62578c00606458b0ff390c575ef67.tar.bz2 sssd-be1697216fc62578c00606458b0ff390c575ef67.zip | |
Add ldap_pwd_policy option
Diffstat (limited to 'server/man/sssd-ldap.5.xml')
| -rw-r--r-- | server/man/sssd-ldap.5.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/server/man/sssd-ldap.5.xml b/server/man/sssd-ldap.5.xml index a2aa7306..d944392f 100644 --- a/server/man/sssd-ldap.5.xml +++ b/server/man/sssd-ldap.5.xml @@ -582,6 +582,39 @@ </listitem> </varlistentry> + <varlistentry> + <term>ldap_pwd_policy (string)</term> + <listitem> + <para> + Select the policy to evaluate the password + expiration on the client side. The following values + are allowed: + </para> + <para> + <emphasis>none</emphasis> No evaluation on the + client side. This option cannot disable server side + password policies. + </para> + <para> + <emphasis>shadow</emphasis> use + <citerefentry><refentrytitle>shadow</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> style + attributes to evaluate if the password is expired. + Please note that the current version of sssd cannot + update this attribute during a password change. + </para> + <para> + <emphasis>mit_kerberos</emphasis> use the attributes + used by MIT Kerberos to evaluate if the password is + expired. Use chpass_provider=krb5 to update these + attributes when the password is changed. + </para> + <para> + Default: none + </para> + </listitem> + </varlistentry> + </variablelist> </para> </refsect1> |