summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/examples/sssd.conf2
-rw-r--r--src/man/sssd-ldap.5.xml94
2 files changed, 52 insertions, 44 deletions
diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf
index 6a364000..eaf70b88 100644
--- a/src/examples/sssd.conf
+++ b/src/examples/sssd.conf
@@ -80,8 +80,6 @@ reconnection_retries = 3
; auth_provider = ldap
; ldap_uri = ldap://your.ad.server.com
; ldap_schema = rfc2307bis
-; ldap_user_search_base = cn=users,dc=example,dc=com
-; ldap_group_search_base = cn=users,dc=example,dc=com
; ldap_default_bind_dn = cn=Administrator,cn=Users,dc=example,dc=com
; ldap_default_authtok_type = password
; ldap_default_authtok = YOUR_PASSWORD
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index ff6d4399..87d388ad 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -147,20 +147,6 @@
</varlistentry>
<varlistentry>
- <term>ldap_user_search_base (string)</term>
- <listitem>
- <para>
- An optional base DN to restrict user searches
- to a specific subtree.
- </para>
- <para>
- Default: the value of
- <emphasis>ldap_search_base</emphasis>
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
<term>ldap_user_object_class (string)</term>
<listitem>
<para>
@@ -487,20 +473,6 @@
</varlistentry>
<varlistentry>
- <term>ldap_group_search_base (string)</term>
- <listitem>
- <para>
- An optional base DN to restrict group searches
- to a specific subtree.
- </para>
- <para>
- Default: the value of
- <emphasis>ldap_search_base</emphasis>
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
<term>ldap_group_object_class (string)</term>
<listitem>
<para>
@@ -594,20 +566,6 @@
</varlistentry>
<varlistentry>
- <term>ldap_netgroup_search_base (string)</term>
- <listitem>
- <para>
- An optional base DN to restrict netgroup searches
- to a specific subtree.
- </para>
- <para>
- Default: the value of
- <emphasis>ldap_search_base</emphasis>
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
<term>ldap_netgroup_object_class (string)</term>
<listitem>
<para>
@@ -1036,6 +994,58 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com
</para>
</refsect1>
+ <refsect1 id='advanced-options'>
+ <title>ADVANCED OPTIONS</title>
+ <para>
+ These options are supported by LDAP domains, but they should be used
+ with caution. Please include them in your configuration only if you
+ know what you are doing.
+ <variablelist>
+ <varlistentry>
+ <term>ldap_netgroup_search_base (string)</term>
+ <listitem>
+ <para>
+ An optional base DN to restrict netgroup searches
+ to a specific subtree.
+ </para>
+ <para>
+ Default: the value of
+ <emphasis>ldap_search_base</emphasis>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>ldap_user_search_base (string)</term>
+ <listitem>
+ <para>
+ An optional base DN to restrict user searches
+ to a specific subtree.
+ </para>
+ <para>
+ Default: the value of
+ <emphasis>ldap_search_base</emphasis>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>ldap_group_search_base (string)</term>
+ <listitem>
+ <para>
+ An optional base DN to restrict group searches
+ to a specific subtree.
+ </para>
+ <para>
+ Default: the value of
+ <emphasis>ldap_search_base</emphasis>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/failover.xml" />
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/service_discovery.xml" />