summaryrefslogtreecommitdiff
path: root/server/man
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2009-10-06 12:12:21 -0400
committerSimo Sorce <ssorce@redhat.com>2009-10-09 16:11:26 -0400
commitb0c4751808040afdc15ca801619c43fe192c6a35 (patch)
treef60d85f632d1c43d9ca022448453590dce65f09f /server/man
parente2d17ea806d273784b621583dd0490c2f69f237d (diff)
downloadsssd-b0c4751808040afdc15ca801619c43fe192c6a35.tar.gz
sssd-b0c4751808040afdc15ca801619c43fe192c6a35.tar.bz2
sssd-b0c4751808040afdc15ca801619c43fe192c6a35.zip
Remove magicPrivateGroups option
In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided.
Diffstat (limited to 'server/man')
-rw-r--r--server/man/sssd.conf.5.xml41
1 files changed, 0 insertions, 41 deletions
diff --git a/server/man/sssd.conf.5.xml b/server/man/sssd.conf.5.xml
index 7946ed45..3eab2355 100644
--- a/server/man/sssd.conf.5.xml
+++ b/server/man/sssd.conf.5.xml
@@ -364,47 +364,6 @@
</varlistentry>
<varlistentry>
- <term>magic_private_groups (bool)</term>
- <listitem>
- <para>
- By using the Magic Private Groups option, you
- are imposing two limitations to the ID space
- and name space:
- </para>
- <para>
- 1. Users and groups in the domain share a common
- name space. There can never be an explicit group
- with the same name as a user
- </para>
- <para>
- 2. Users and groups share a common ID
- space, there can never be an explicit group with
- a same ID as a user
- </para>
- <para>
- Using Magic Private groups bring the benefit of
- better Windows Interoperability (in Windows,
- the ID and name spaces are unique) and also
- avoids creating a group for every user,
- thus cluttering the group space. Also, for
- NSS calls, every user is actually returned
- as user's private group without having to
- explicitly create the group, thus having the
- same effect as User Private Groups
- </para>
- <para>
- Default: FALSE*
- </para>
- <para>
- *Magic Private Groups are always enabled when
- provider=local and this setting does not
- affect that in any way. For other providers,
- Magic Private Groups default to FALSE
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
<term>enumerate (bool)</term>
<listitem>
<para>