diff options
| -rw-r--r-- | man/nslcd.conf.5.xml | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml index 0d901aa..7af8a10 100644 --- a/man/nslcd.conf.5.xml +++ b/man/nslcd.conf.5.xml @@ -691,10 +691,14 @@ expressions below. </para> <para> - For example, to check that the user has a proper authorizedService - value if the attribute is present: - <literal>(&(objectClass=posixAccount)(uid=$username) - (|(authorizedService=$service)(!(authorizedService=*))))</literal> + For example, to check that the user has a proper <literal>authorizedService</literal> + value if the attribute is present (this emulates the + <option>pam_check_service_attr</option> option in PADL's pam_ldap): + <literallayout><literal>(&(objectClass=posixAccount)(uid=$username)(|(authorizedService=$service)(!(authorizedService=*))))</literal></literallayout> + </para> + <para> + The <option>pam_check_host_attr</option> option can be emulated with: + <literallayout><literal>(&(objectClass=posixAccount)(uid=$username)(|(host=$hostname)(!(host=*))))</literal></literallayout> </para> <para> The default behaviour is not to do this extra search and always |