summaryrefslogtreecommitdiff
path: root/server/man/sssd.conf.5.xml
AgeCommit message (Collapse)AuthorFilesLines
2009-11-20Add reference to sssd-krb5 man page.Simo Sorce1-0/+3
Thanks to Marko Myllynen for spotting this.
2009-11-12Make 'permit' the default for the access targetSumit Bose1-3/+1
2009-11-12Fixes for proxy providerSumit Bose1-1/+3
- use the correct private data for each PAM task - make proxy_pam_target a mandatory option for auth, chpass and access
2009-11-09Assorted manpage fixesJakub Hrozek1-27/+14
* do not mention the sbus_timeout parameter at all * document the config_file_version parameter * different wording for negative cache
2009-11-05Update midpoint refresh logic to be relative to cache timeoutStephen Gallagher1-4/+23
2009-10-27Move responsibility for entry expiration timeoutSimo Sorce1-13/+12
The providers are now responsible for determining how long a cached entry is considered valid. The default is the same as before (600s)
2009-10-27Remove [dp] section from example configStephen Gallagher1-10/+3
Also remove references to the DP service from the sssd.conf manpages.
2009-10-22Add support for offline auth cache timeoutStephen Gallagher1-0/+21
This adds a new option (offline_credentials_expiration) to the [PAM] section of the sssd.conf If the user does not perform an online authentication within the timeout (in days), they will be denied auth once the timeout passes.
2009-10-22User home directories managementJakub Hrozek1-0/+73
Create and populate user directories on useradd, delete them on userdel Fixes: #212
2009-10-15more implicit provider target settingsSumit Bose1-1/+28
If auth_provider or access_provider is ont set explicitly id_provider is used if it can handle auth or access control requests respectively. If not auth defaults to 'none' and the access_provider is set to 'permit'. The option 'deny' is added for the access_provider to explicitly deny access.
2009-10-15set chpass_provider implicit if not set explicitSumit Bose1-0/+7
- if chpass_provider is not given in the configuration file but an auth_provider and the auth_provider can also handle change password requests it is used as chpass_provider.
2009-10-09Remove magicPrivateGroups optionSimo Sorce1-41/+0
In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided.
2009-10-08add description of chpass_provider option to sssd.conf man pageSumit Bose1-0/+30
2009-10-05more documentation and test for sssd.confSumit Bose1-0/+5
- add a hint to the man page about permissions on sssd.conf - add a test if a symbolic link can be opened
2009-09-25Manpages updateJakub Hrozek1-181/+144
2009-09-23add a man page for pam_sssSumit Bose1-0/+3
2009-09-23Remove provider=filesJakub Hrozek1-11/+1
Remove this provider type, as well as any references in the docs and examples to the "LEGACYLOCAL" migration domain. Fixes: #165
2009-09-18Add missing reference to sssd-ldap(5) in sssd.conf(5) manpageStephen Gallagher1-0/+3
2009-09-11Update documentation and examplesSimo Sorce1-14/+0
Remove the "legacy" option from examples and man pages. Legacy is is finally R.I.P Add docs for ldapSchema in sssd-ldap man page.
2009-09-11Small changes to the example config and manpageJakub Hrozek1-12/+25
Remove magicPrivateGroups since it's set automatically, use bool values for enumerate. Also add a notice about krb5 auth-module with a link to specialized manpage to sssd.conf(5) similar to what we have for ldap auth-module. Move both outside proxy domain description.
2009-09-10Update manpage to reflect new syntax for enumerateStephen Gallagher1-12/+6
2009-09-09Add support for the EntryCacheNoWaitRefreshTimeoutStephen Gallagher1-0/+13
This timeout specifies the lifetime of a cache entry before it is updated out-of-band. When this timeout is hit, the request will still complete from cache, but the SSSD will also go and update the cached entry in the background to extend the life of the cache entry and reduce the wait time of a future request.
2009-09-09more fixes for older libpcre versionssbose1-1/+6
- older version of libpcre only support the Python syntax (?P<name>) for named subpatterns
2009-09-01check if libpcre version is above or below 7Sumit Bose1-0/+7
PCRE_DUPNAMES is a new feature of libpcre 7. It is used in sssd to make the splitting of fully qualified user names more flexible.
2009-08-21fix handling of filtersUsers in groupsSumit Bose1-0/+12
- with the boolean option filterUsersInGroups it can be controlled wether filtered users appear in groups or not. - fixed an error which prevented the display of groups with filtered members - removed some tab indents
2009-08-20Support Docbook 4.4Stephen Gallagher1-2/+2
RHEL5 did not support Docbook 4.5, and we are not using any 4.5 features.
2009-08-20Make the LOCAL provider always use MagicPrivateGroupsStephen Gallagher1-1/+7
Also updates the manpage for sssd.conf to denote this
2009-08-13Make "files" a reserved word for legacy local domainJakub Hrozek1-1/+11
This patch introduces provider=files as a valid provider. Upon loading the backend, its properties in confdb are overwritten to those that represent legacy local domain. Also document this in sssd.conf(5) and example config
2009-06-30Remove redundant libPath option from proxy providerStephen Gallagher1-12/+0
The libPath should be constructed from the libName. There is no benefit to specifying it separately.
2009-06-02sssd.conf(5) man pageJakub Hrozek1-0/+654