diff options
-rw-r--r-- | src/config/SSSDConfig.py | 4 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 3 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 3 | ||||
-rw-r--r-- | src/providers/ipa/ipa_opts.h | 3 | ||||
-rw-r--r-- | src/providers/ldap/ldap_opts.h | 3 | ||||
-rw-r--r-- | src/providers/ldap/sdap.h | 3 |
6 files changed, 19 insertions, 0 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index 46ca838e..a48602b2 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -261,6 +261,10 @@ option_strings = { 'ldap_service_proto' : _('Service protocol attribute'), #replaced by ldap_entry_usn# 'ldap_service_entry_usn' : _('Service entryUSN attribute'), + 'ldap_idmap_range_min' : _('Lower bound for ID-mapping'), + 'ldap_idmap_range_max' : _('Upper bound for ID-mapping'), + 'ldap_idmap_range_size' : _('Number of IDs for each slice when ID-mapping'), + # [provider/ldap/auth] 'ldap_pwd_policy' : _('Policy to evaluate the password expiration'), diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 162dab57..1cad031f 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -110,6 +110,9 @@ ldap_service_entry_usn = str, None, false ipa_host_object_class = str, None, false ipa_host_fqdn = str, None, false ipa_host_ssh_public_key = str, None, false +ldap_idmap_range_min = int, None, false +ldap_idmap_range_max = int, None, false +ldap_idmap_range_size = int, None, false [provider/ipa/auth] krb5_ccachedir = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 766216f6..79518155 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -104,6 +104,9 @@ ldap_service_port = str, None, false ldap_service_proto = str, None, false ldap_service_search_base = str, None, false ldap_service_entry_usn = str, None, false +ldap_idmap_range_min = int, None, false +ldap_idmap_range_max = int, None, false +ldap_idmap_range_size = int, None, false [provider/ldap/auth] ldap_pwd_policy = str, None, false diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h index 75ce632e..866bd3ce 100644 --- a/src/providers/ipa/ipa_opts.h +++ b/src/providers/ipa/ipa_opts.h @@ -114,6 +114,9 @@ struct dp_option ipa_def_ldap_opts[] = { { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 100001 }, NULL_NUMBER }, + { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000100000LL }, NULL_NUMBER }, + { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER }, DP_OPTION_TERMINATOR }; diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index 1f9ca57a..a4c78069 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -96,6 +96,9 @@ struct dp_option default_basic_opts[] = { { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 100001 }, NULL_NUMBER }, + { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000100000LL }, NULL_NUMBER }, + { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER }, DP_OPTION_TERMINATOR }; diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index 9ef88004..71ae246d 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -211,6 +211,9 @@ enum sdap_basic_opt { SDAP_SASL_CANONICALIZE, SDAP_EXPIRE_TIMEOUT, SDAP_DISABLE_PAGING, + SDAP_IDMAP_LOWER, + SDAP_IDMAP_UPPER, + SDAP_IDMAP_RANGESIZE, SDAP_OPTS_BASIC /* opts counter */ }; |