From 7d8b4563092f147fbccf50125f61cfd9dcda0195 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 10 Sep 2009 14:36:17 +0200 Subject: Small changes to the example config and manpage Remove magicPrivateGroups since it's set automatically, use bool values for enumerate. Also add a notice about krb5 auth-module with a link to specialized manpage to sssd.conf(5) similar to what we have for ldap auth-module. Move both outside proxy domain description. --- server/examples/sssd.conf | 10 ++++------ server/man/sssd.conf.5.xml | 37 +++++++++++++++++++++++++------------ 2 files changed, 29 insertions(+), 18 deletions(-) diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf index b47ab9dd..3c4ccbfd 100644 --- a/server/examples/sssd.conf +++ b/server/examples/sssd.conf @@ -49,9 +49,8 @@ description = Domains served by SSSD ; [domains/LOCAL] ; description = LOCAL migration domain -; enumerate = 3 +; enumerate = true ; minId = 500 -; magicPrivateGroups = FALSE ; legacy = TRUE ; ; provider = files @@ -68,11 +67,10 @@ description = Domains served by SSSD ; [domains/LOCAL] ; description = LOCAL Users domain ; provider = local -; enumerate = 3 +; enumerate = true ; minId = 500 ; maxId = 999 ; legacy = FALSE -; magicPrivateGroups = TRUE # Example LDAP domain that uses the proxy backend and the standard nss_ldap # and pam_ldap modules (Useful until we have good working native ldap backends). @@ -88,7 +86,7 @@ description = Domains served by SSSD ; [domains/LDAP] ; description = Proxy request to our LDAP server -; enumerate = 0 +; enumerate = false ; minId = 1000 ; legacy = TRUE ; @@ -102,7 +100,7 @@ description = Domains served by SSSD ; [domains/AD] ; description = LDAP domain with AD server -; enumerate = 0 +; enumerate = false ; minId = 1000 ; ; provider = ldap diff --git a/server/man/sssd.conf.5.xml b/server/man/sssd.conf.5.xml index 0432f1ec..1bf72872 100644 --- a/server/man/sssd.conf.5.xml +++ b/server/man/sssd.conf.5.xml @@ -560,26 +560,39 @@ - - - - - Options valid for proxy domains. - - auth-module (string) - The authentication module used. Two - authentication modules are provided - - ldap for native LDAP authentication - and proxy, used for relaying - authentication to some other PAM target. + The authentication module used for the domain. + Supported auth modules are: + + + ldap for native LDAP authentication. See + + sssd-ldap + 5 + for more information on configuring LDAP. + + + krb5 for Kerberos authentication. See + + sssd-krb5 + 5 + for more information on configuring Kerberos. + + + proxy for relaying authentication to some other PAM target. + + + + Options valid for proxy domains. + + pam-target (string) -- cgit