-rw-r--r-- | server/examples/sssd.conf | 4 | ||||
-rw-r--r-- | server/man/sssd-ldap.5.xml | 31 | ||||
-rw-r--r-- | server/man/sssd.conf.5.xml | 14 |
3 files changed, 31 insertions, 18 deletions
diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf index 3c4ccbfd..4b04c3d5 100644 --- a/server/examples/sssd.conf +++ b/server/examples/sssd.conf @@ -51,7 +51,6 @@ description = Domains served by SSSD ; description = LOCAL migration domain ; enumerate = true ; minId = 500 -; legacy = TRUE ; ; provider = files @@ -70,7 +69,6 @@ description = Domains served by SSSD ; enumerate = true ; minId = 500 ; maxId = 999 -; legacy = FALSE # Example LDAP domain that uses the proxy backend and the standard nss_ldap # and pam_ldap modules (Useful until we have good working native ldap backends). @@ -88,7 +86,6 @@ description = Domains served by SSSD ; description = Proxy request to our LDAP server ; enumerate = false ; minId = 1000 -; legacy = TRUE ; ; provider = proxy ; libName = ldap @@ -106,6 +103,7 @@ description = Domains served by SSSD ; provider = ldap ; auth-module = ldap ; ldapUri = ldap://your.ad.server.com +; ldapSchema = rfc2307bis ; userSearchBase = cn=users,dc=example,dc=com ; groupSearchBase = cn=users,dc=example,dc=com ; defaultBindDn = cn=Administrator,cn=Users,dc=example,dc=com diff --git a/server/man/sssd-ldap.5.xml b/server/man/sssd-ldap.5.xml index aa33c713..f21f0ea0 100644 --- a/server/man/sssd-ldap.5.xml +++ b/server/man/sssd-ldap.5.xml 
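Review bot: The new `; ldapSchema = rfc2307bis` line in the last hunk of server/examples/sssd.conf (the `ldap://your.ad.server.com` block) has no comment saying why this example departs from the default, and the default `rfc2307` is only stated in the man page. Someone copying the block to another directory server cannot tell from the example whether the line is required. I would add a comment line above it, in the `#` style the file already uses for explanations: `# Group members are stored by DN in "member" on this server; the default schema (rfc2307) expects names in "memberUid".` A schema mismatch would presumably leave group memberships unresolved or incomplete, which matters wherever access decisions depend on group membership, so it is worth stating in the example itself.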
@@ -62,6 +62,35 @@ </varlistentry> <varlistentry> + <term>ldapSchema (string)</term> + <listitem> + <para> + Specifies the Schema Type in use on the target LDAP + server. + Depending on the selected schema the default + attribute names retrieved from the servers may vary. + Also the way some attributes are handled may differ. + + There are currently 2 schema types supported: + rfc2307 + rfc2307bis + + The main difference between these 2 schema types is + how group memberships are recorder in the server. + With rfc2307 group members are listed by name in an + attribute called <emphasis>memberUid</emphasis>. + With rfc2307bis grpoup members are listed by DN and + stored in an attribute called + <emphasis>member</emphasis>. + + </para> + <para> + Default: rfc2307 + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>defaultBindDn (string)</term> <listitem> <para> @@ -306,7 +335,7 @@ the members of the group. </para> <para> - Default: memberuid + Default: memberuid (rfc2307) / member (rfc2307bis) </para> </listitem> </varlistentry> diff --git a/server/man/sssd.conf.5.xml b/server/man/sssd.conf.5.xml index 1bf72872..df3ee82a 100644 --- a/server/man/sssd.conf.5.xml +++ b/server/man/sssd.conf.5.xml @@ -495,20 +495,6 @@ </varlistentry> <varlistentry> - <term>legacy (bool)</term> - <listitem> - <para> - A legacy domain is a strictly POSIX domain in - terms of attributes it supports. Groups in legacy - domains can't be nested. - </para> - <para> - Default: FALSE - </para> - </listitem> - </varlistentry> - - <varlistentry> <term>store-legacy-passwords (bool)</term> <listitem> <para> |