summaryrefslogtreecommitdiff
path: root/src/config
diff options
context:
space:
mode:
Diffstat (limited to 'src/config')
-rw-r--r--src/config/SSSDConfig.py3
-rwxr-xr-xsrc/config/SSSDConfigTest.py2
-rw-r--r--src/config/etc/sssd.api.d/sssd-ldap.conf3
3 files changed, 7 insertions, 1 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index 6b759d83..7b9d96c9 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -151,6 +151,9 @@ option_strings = {
# [provider/ldap/auth]
'ldap_pwd_policy' : _('Policy to evaluate the password expiration'),
+ # [provider/ldap/access]
+ 'ldap_access_filter' : _('LDAP filter to determine access privileges'),
+
# [provider/simple/access]
'simple_allow_users' : _('Comma separated list of allowed users'),
'simple_deny_users' : _('Comma separated list of prohibited users'),
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index 61c2f949..04d438e0 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -687,7 +687,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
control_provider_dict = {
'ipa': ['id', 'auth', 'access', 'chpass'],
'local': ['id', 'auth', 'chpass'],
- 'ldap': ['id', 'auth', 'chpass'],
+ 'ldap': ['id', 'auth', 'access', 'chpass'],
'krb5': ['auth', 'chpass'],
'proxy': ['id', 'auth'],
'simple': ['access'],
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index abcb5199..7f0c3606 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -67,5 +67,8 @@ ldap_force_upper_case_realm = bool, None, false
[provider/ldap/auth]
ldap_pwd_policy = str, None, false
+[provider/ldap/access]
+ldap_access_filter = str, None, false
+
[provider/ldap/chpass]