rpms / sssd

Clone
Source Code
GIT

Blame SOURCES/0109-MAN-Clarify-the-GC-support-a-bit.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   2fc102e8cac6f5a4ebee5f83596b154528f23d78
  2.   SOURCES
  3.   0109-MAN-Clarify-the-GC-support-a-bit.patch
Blob History Raw
2fc102 
From b9336c0c96d409ecd7371a55fbfcf5691814efec Mon Sep 17 00:00:00 2001
2fc102 
From: Jakub Hrozek <jhrozek@redhat.com>
2fc102 
Date: Wed, 5 Mar 2014 12:13:48 +0100
2fc102 
Subject: [PATCH 109/110] MAN: Clarify the GC support a bit
2fc102 
MIME-Version: 1.0
2fc102 
Content-Type: text/plain; charset=UTF-8
2fc102 
Content-Transfer-Encoding: 8bit
2fc102
2fc102 
It should be noted that disabling GC does *not* disable lookups from
2fc102 
trusted domains. Disabling GC might be a a good way for admins who wish
2fc102 
to use POSIX attributes in trusted domains and the man page should hint
2fc102 
this option.
2fc102
2fc102 
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
2fc102 
(cherry picked from commit fdaaf2525e333af04ee9b48429b6766b5fd6cab6)
2fc102 
---
2fc102 
 src/man/sssd-ad.5.xml | 18 +++++++++++++-----
2fc102 
 1 file changed, 13 insertions(+), 5 deletions(-)
2fc102
2fc102 
diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml
2fc102 
index 8cd94d4aeaf553ecb54e0e4c866be5fb7a44fa8e..0554317f533f2309d9fad60dfe5543f8546a6bbc 100644
2fc102 
--- a/src/man/sssd-ad.5.xml
2fc102 
+++ b/src/man/sssd-ad.5.xml
2fc102 
@@ -232,11 +232,19 @@ FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)
2fc102 
                     <listitem>
2fc102 
                         <para>
2fc102 
                             By default, the SSSD connects to the Global
2fc102 
-                            Catalog first to retrieve users and uses the
2fc102 
-                            LDAP port to retrieve group memberships or
2fc102 
-                            as a fallback. Disabling this option makes
2fc102 
-                            the SSSD only connect to the LDAP port of the
2fc102 
-                            current AD server.
2fc102 
+                            Catalog first to retrieve users from trusted
2fc102 
+                            domains and uses the LDAP port to retrieve
2fc102 
+                            group memberships or as a fallback. Disabling
2fc102 
+                            this option makes the SSSD only connect to
2fc102 
+                            the LDAP port of the current AD server.
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            Please note that disabling Global Catalog support
2fc102 
+                            does not disable retrieving users from trusted
2fc102 
+                            domains. The SSSD would connect to the LDAP port
2fc102 
+                            of trusted domains instead. However, Global
2fc102 
+                            Catalog must be used in order to resolve
2fc102 
+                            cross-domain group memberships.
2fc102 
                         </para>
2fc102 
                         <para>
2fc102 
                             Default: true
2fc102 
--
2fc102 
1.8.5.3
2fc102

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation