diff options
Diffstat (limited to 'docs-xml/manpages/pam_winbind.8.xml')
| -rw-r--r-- | docs-xml/manpages/pam_winbind.8.xml | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/docs-xml/manpages/pam_winbind.8.xml b/docs-xml/manpages/pam_winbind.8.xml index 622e9e188d9..32030ef0ecc 100644 --- a/docs-xml/manpages/pam_winbind.8.xml +++ b/docs-xml/manpages/pam_winbind.8.xml @@ -84,9 +84,11 @@ If this option is set, pam_winbind will only succeed if the user is a member of the given SID or NAME. A SID can be either a group-SID, an alias-SID or even an user-SID. It is also possible to give a NAME instead of the SID. That name must have the form: <parameter>MYDOMAIN\mygroup</parameter> or - <parameter>MYDOMAIN\myuser</parameter>. pam_winbind will, in that case, lookup the SID internally. Note that - NAME may not contain any spaces. It is thus recommended to only use SIDs. You can verify the list of SIDs a - user is a member of with <command>wbinfo --user-sids=SID</command>. + <parameter>MYDOMAIN\myuser</parameter> (where '\' character corresponds to the value of + <parameter>winbind separator</parameter> parameter). It is also possible to use a UPN in the form + <parameter>user@REALM</parameter> or <parameter>group@REALM</parameter>. pam_winbind will, in that case, lookup + the SID internally. Note that NAME may not contain any spaces. It is thus recommended to only use SIDs. You can + verify the list of SIDs a user is a member of with <command>wbinfo --user-sids=SID</command>. </para> <para> |