summaryrefslogtreecommitdiff
path: root/src/config
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2013-03-15 15:27:31 -0400
committerJakub Hrozek <jhrozek@redhat.com>2013-03-20 11:49:50 +0100
commitfae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934 (patch)
tree333f20454afe5782e569a41d929631d938905151 /src/config
parentdfd71fc92db940b2892cc996911cec03d7b6c52b (diff)
downloadsssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.tar.gz
sssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.tar.bz2
sssd-fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934.zip
ldap: Fallback option for rfc2307 schema
Add option to fallback to fetch local users if rfc2307is being used. This is useful for cases where people added local users as LDAP members and rely on these group memberships to be maintained on the local host. Disabled by default as it violates identity domain separation. Ticket: https://fedorahosted.org/sssd/ticket/1020
Diffstat (limited to 'src/config')
-rw-r--r--src/config/etc/sssd.api.d/sssd-ad.conf1
-rw-r--r--src/config/etc/sssd.api.d/sssd-ipa.conf1
-rw-r--r--src/config/etc/sssd.api.d/sssd-ldap.conf1
3 files changed, 3 insertions, 0 deletions
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf
index 0154e6aa..85e34cb1 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -104,6 +104,7 @@ ldap_idmap_default_domain = str, None, false
ldap_idmap_default_domain_sid = str, None, false
ldap_groups_use_matching_rule_in_chain = bool, None, false
ldap_initgroups_use_matching_rule_in_chain = bool, None, false
+ldap_rfc2307_fallback_to_local_users = bool, None, false
[provider/ad/auth]
krb5_ccachedir = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index 87f69a23..e9c7b232 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -125,6 +125,7 @@ ldap_idmap_default_domain = str, None, false
ldap_idmap_default_domain_sid = str, None, false
ldap_groups_use_matching_rule_in_chain = bool, None, false
ldap_initgroups_use_matching_rule_in_chain = bool, None, false
+ldap_rfc2307_fallback_to_local_users = bool, None, false
[provider/ipa/auth]
krb5_ccachedir = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 3b6b4e8f..40e2aa09 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -114,6 +114,7 @@ ldap_idmap_default_domain = str, None, false
ldap_idmap_default_domain_sid = str, None, false
ldap_groups_use_matching_rule_in_chain = bool, None, false
ldap_initgroups_use_matching_rule_in_chain = bool, None, false
+ldap_rfc2307_fallback_to_local_users = bool, None, false
[provider/ldap/auth]
ldap_pwd_policy = str, None, false