From a09a7a03f5b330cc45a0007a56d4789116a91e46 Mon Sep 17 00:00:00 2001
From: amitkuma <amitkuma@redhat.com>
Date: Tue, 6 Feb 2018 16:27:00 +0530
Subject: [PATCH 100/100] MAN: Explain how does auto_private_groups affect
 subdomains

Fix explains how auto_private_groups affects subdomains.
a. POSIX sudomains, gets inherited to subdomain.
b. ID-mapping subdomains, already enabled.

Resolves: https://pagure.io/SSSD/sssd/issue/3627

Reviewed-by: Rob Crittenden <rcritten@redhat.com>
(cherry picked from commit 52ae76737f2df3012d67f6a0b5052c86022bffdd)
---
 src/man/sssd.conf.5.xml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 47da07c33bdcfbf2fa94ff932492e9ea4bbfe846..8d06f57539e3fc55189234aab2aea950ba14713a 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -2830,7 +2830,16 @@ subdomain_inherit = ldap_purge_cache_timeout
                             If this option is enabled, SSSD will automatically
                             create user private groups based on user's
                             UID number. The GID number is ignored in this case.
-                        </para>
+		        </para>
+			<para>
+			    For POSIX subdomains, setting the option in the main
+			    domain is inherited in the subdomain.
+			</para>
+			<para>
+			    For ID-mapping subdomains, auto_private_groups is
+			    already enabled for the subdomains and setting it to
+			    false will not have any effect for the subdomain.
+			</para>
                         <para>
                             NOTE: Because the GID number and the user private group
                             are inferred frm the UID number, it is not supported
-- 
2.14.3