diff options
Diffstat (limited to 'src/man/uk/sssd.conf.5.xml')
| -rw-r--r-- | src/man/uk/sssd.conf.5.xml | 57 |
1 files changed, 52 insertions, 5 deletions
diff --git a/src/man/uk/sssd.conf.5.xml b/src/man/uk/sssd.conf.5.xml index 4cc2fb8..ff6d92b 100644 --- a/src/man/uk/sssd.conf.5.xml +++ b/src/man/uk/sssd.conf.5.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN" -"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" +<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN" +"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ <!ENTITY sssd_user_name SYSTEM "sssd_user_name.include"> ]> @@ -1515,7 +1515,7 @@ pam_account_locked_message = Account locked, please contact help desk. Enable passkey device based authentication. </para> <para> - Типове значення: False + Типове значення: True </para> </listitem> </varlistentry> @@ -1618,7 +1618,7 @@ p11_child. </listitem> </varlistentry> <varlistentry> - <term>pam_p11_allowed_services (ціле число)</term> + <term>pam_p11_allowed_services (string)</term> <listitem> <para> Список назв служб PAM, відокремлених комами, для яких буде дозволено @@ -3390,6 +3390,23 @@ Directory, налаштованих та автоматично виявлени </varlistentry> <varlistentry> + <term>failover_primary_timeout (integer)</term> + <listitem> + <para> + When no primary server is currently available, SSSD fail overs to a backup +server. This option defines the amount of time (in seconds) to wait before +SSSD tries to reconnect to a primary server again. + </para> + <para> + Note: The minimum value is 31. + </para> + <para> + Default: 31 + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>override_gid (ціле число)</term> <listitem> <para> @@ -3596,7 +3613,8 @@ provider) only support a password based authentication, while others can handle PKINIT based Smartcard authentication (AD, IPA), two-factor authentication (IPA), or other methods against a central instance. By default in such cases authentication is only performed with the methods -supported by the backend. +supported by the backend. With this option additional methods can be enabled +which are evaluated and checked locally. </para> <para> There are three possible values for this option: match, only, @@ -3607,6 +3625,35 @@ local authentication. As an example, <quote>enable:passkey</quote>, only enables passkey for local authentication. Multiple enable values should be comma-separated, such as <quote>enable:passkey, enable:smartcard</quote> </para> + + <para> + The following table shows which authentication methods, if configured +properly, are currently enabled or disabled for each backend, with the +default local_auth_policy: <quote>match</quote> + </para> + <informaltable frame='all'> + <tgroup cols='3'> + <colspec colname='c1' align='center'/> + <colspec colname='c2' align='center'/> + <colspec colname='c3' align='center'/> + + <thead> + <row><entry namest='c1' nameend='c3' align='center'> + local_auth_policy = match (default)</entry></row> + <row><entry></entry><entry>Passkey</entry> + <entry>Smartcard</entry></row> + </thead> + <tbody> + <row><entry>IPA</entry><entry>enabled</entry> + <entry><para>enabled</para> + </entry></row> + <row><entry>AD</entry><entry>disabled</entry> + <entry><para>enabled</para></entry> + </row> + <row><entry>LDAP</entry><entry>disabled</entry> + <entry><para>disabled</para></entry> + </row> + </tbody></tgroup></informaltable> <para> Please note that if local Smartcard authentication is enabled and a Smartcard is present, Smartcard authentication will be preferred over the |