summaryrefslogtreecommitdiff
path: root/src/man
diff options
context:
space:
mode:
authorJan Zeleny <jzeleny@redhat.com>2011-10-12 09:25:12 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-11-23 14:19:53 -0500
commit544de543ee88961272e9b9c5baa2c0d296162965 (patch)
treee0de1de28c1be79a6341bb6ee72c1f39443bdeb8 /src/man
parent9f761434e5fbc5c033a85fb69d6e360e3ba4db58 (diff)
downloadsssd-544de543ee88961272e9b9c5baa2c0d296162965.tar.gz
sssd-544de543ee88961272e9b9c5baa2c0d296162965.tar.bz2
sssd-544de543ee88961272e9b9c5baa2c0d296162965.zip
Added and modified options for IPA netgroups
Diffstat (limited to 'src/man')
-rw-r--r--src/man/sssd-ipa.5.xml89
-rw-r--r--src/man/sssd-ldap.5.xml22
2 files changed, 110 insertions, 1 deletions
diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml
index 221c9a25..32d691d7 100644
--- a/src/man/sssd-ipa.5.xml
+++ b/src/man/sssd-ipa.5.xml
@@ -48,7 +48,10 @@
<citerefentry>
<refentrytitle>sssd-krb5</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry> authentication provider.
+ </citerefentry> authentication provider with some exceptions described
+ below.
+ </para>
+ <para>
However, it is neither necessary nor recommended to set these options.
IPA provider can also be used as an access and chpass provider. As an
access provider it uses HBAC (host-based access control) rules. Please
@@ -235,6 +238,90 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>ipa_netgroup_member_of (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that lists netgroup's
+ memberships.
+ </para>
+ <para>
+ Default: memberOf
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ipa_netgroup_member_user (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that lists system users
+ and groups that are direct members of the
+ netgroup.
+ </para>
+ <para>
+ Default: memberUser
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ipa_netgroup_member_host (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that lists hosts and host groups
+ that are direct members of the netgroup.
+ </para>
+ <para>
+ Default: memberHost
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ipa_netgroup_member_ext_host (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that lists FQDNs of hosts
+ and host groups that are members of the netgroup.
+ </para>
+ <para>
+ Default: externalHost
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ipa_netgroup_domain (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that contains NIS domain
+ name of the netgroup.
+ </para>
+ <para>
+ Default: nisDomainName
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>ipa_host_object_class (string)</term>
+ <listitem>
+ <para>
+ The object class of a host entry in LDAP.
+ </para>
+ <para>
+ Default: ipaHost
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>ipa_host_fqdn (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that contains FQDN of the host.
+ </para>
+ <para>
+ Default: fqdn
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</para>
</refsect1>
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 3efc75e2..75bc764e 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -794,6 +794,10 @@
The object class of a netgroup entry in LDAP.
</para>
<para>
+ In IPA provider, ipa_netgroup_object_class should
+ be used instead.
+ </para>
+ <para>
Default: nisNetgroup
</para>
</listitem>
@@ -807,6 +811,10 @@
the netgroup name.
</para>
<para>
+ In IPA provider, ipa_netgroup_name should
+ be used instead.
+ </para>
+ <para>
Default: cn
</para>
</listitem>
@@ -820,6 +828,10 @@
the netgroup's members.
</para>
<para>
+ In IPA provider, ipa_netgroup_member should
+ be used instead.
+ </para>
+ <para>
Default: memberNisNetgroup
</para>
</listitem>
@@ -833,6 +845,9 @@
domain) netgroup triples.
</para>
<para>
+ This option is not available in IPA provider.
+ </para>
+ <para>
Default: nisNetgroupTriple
</para>
</listitem>
@@ -846,6 +861,10 @@
an LDAP netgroup object.
</para>
<para>
+ In IPA provider, ipa_netgroup_uuid should
+ be used instead.
+ </para>
+ <para>
Default: nsUniqueId
</para>
</listitem>
@@ -859,6 +878,9 @@
last modification of the parent object.
</para>
<para>
+ This option is not available in IPA provider.
+ </para>
+ <para>
Default: modifyTimestamp
</para>
</listitem>