diff options
author | Sumit Bose <sbose@redhat.com> | 2010-12-21 13:30:33 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-19 09:53:20 -0500 |
commit | 22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18 (patch) | |
tree | fb69e82eea580199f7919ecf02a83b3339b8dbcc /src/config/SSSDConfig.py | |
parent | 5352c9b3609bca63814f9f6f03dbbbadf6c6333a (diff) | |
download | sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.tar.gz sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.tar.bz2 sssd-22f4c1b86dcf5589e63f2ae043dc65a8f72f6f18.zip |
Add LDAP expire policy based on AD attributes
The second bit of userAccountControl is used to determine if the account
is enabled or disabled. accountExpires is checked to see if the account
is expired.
Diffstat (limited to 'src/config/SSSDConfig.py')
-rw-r--r-- | src/config/SSSDConfig.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index b3861a55..d84509c1 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -172,6 +172,8 @@ option_strings = { 'ldap_user_krb_last_pwd_change' : _('krbLastPwdChange attribute'), 'ldap_user_krb_password_expiration' : _('krbPasswordExpiration attribute'), 'ldap_pwd_attribute' : _('Attribute indicating that server side password policies are active'), + 'ldap_user_ad_account_expires' : _('accountExpires attribute of AD'), + 'ldap_user_ad_user_account_control' : _('userAccountControl attribute of AD'), 'ldap_group_search_base' : _('Base DN for group lookups'), # not used # 'ldap_group_search_scope' : _('Scope of group lookups'), |