From 314c3a0efc276b74f7a2e39da4db29d8fbf43b12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C5=BDidek?= Date: Thu, 26 Oct 2017 17:12:17 +0200 Subject: [PATCH 11/21] MAN: GPO Security Filtering limitation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Note in the man pages that current version of SSSD does not support host entries in the 'Security filtering' list. Resolves: https://pagure.io/SSSD/sssd/issue/3444 Reviewed-by: Fabiano FidĂȘncio (cherry picked from commit 6c1661d2f4e860d1b547d6188a4fe2bd564e87cf) --- src/man/sssd-ad.5.xml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 08c1dd09fb829c6cffb416250b9b518668ec5790..649042d587de3d3600fff59866681e302c721af8 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -346,6 +346,13 @@ DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example, host. + NOTE: The current version of SSSD does not support + host (computer) entries in the GPO 'Security + Filtering' list. Only user and group entries are + supported. Host entries in the list have no + effect. + + NOTE: If the operation mode is set to enforcing, it is possible that users that were previously allowed logon access will now be denied logon access (as -- 2.13.5