From d7a48ee6cde1e80dc2e63500d94017afe498a52a Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstephen@redhat.com>
Date: Mon, 29 Aug 2016 11:20:00 -0400
Subject: [PATCH 60/79] MAN: sssd-sudo manual update IPA native LDAP tree
 support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Update sssd-sudo man page to reflect native IPA sudo support

Resolves:
https://fedorahosted.org/sssd/ticket/3145

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 72bab5640b3ec57950b53dad0fb3042ea563592c)
---
 src/man/sssd-sudo.5.xml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/man/sssd-sudo.5.xml b/src/man/sssd-sudo.5.xml
index de276ad2d7647da9b7d510bf00fdf8fb58aed1c7..9be77725d679946bd09b86771cc7379b6ac64627 100644
--- a/src/man/sssd-sudo.5.xml
+++ b/src/man/sssd-sudo.5.xml
@@ -109,9 +109,12 @@ ldap_sudo_search_base = ou=sudoers,dc=example,dc=com
 </programlisting>
         </para>
         <para>
-            When the SSSD is configured to use IPA as the ID provider,
-            the sudo provider is automatically enabled. The sudo search base
-            is configured to use the compat tree (ou=sudoers,$DC).
+            When SSSD is configured to use IPA as the ID provider, the
+            sudo provider is automatically enabled. The sudo search base is
+            configured to use the IPA native LDAP tree (cn=sudo,$SUFFIX).
+            If any other search base is defined in sssd.conf, this value will be
+            used instead. The compat tree (ou=sudoers,$SUFFIX) is no longer
+            required for IPA sudo functionality.
         </para>
     </refsect1>
 
-- 
2.9.3