From 88aeed9a31b734a92630d5e881c960c5f77ba0ce Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Sun, 29 Aug 2010 22:15:06 +0200
Subject: Deobfuscate password in back ends

When obfuscated password is used in config file, the LDAP backend
converts it back to clear text and uses it to authenticate to the
server.
---
 src/man/sssd-ldap.5.xml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'src/man/sssd-ldap.5.xml')

diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 346faf8d..b32096dd 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -120,7 +120,16 @@
                     <listitem>
                         <para>
                             The type of the authentication token of the
-                            default bind DN. The only currently supported value is "password".
+                            default bind DN.
+                        </para>
+                        <para>
+                            The two mechanisms currently supported are:
+                        </para>
+                        <para>
+                            password
+                        </para>
+                        <para>
+                            obfuscated_password
                         </para>
                     </listitem>
                 </varlistentry>
-- 
cgit