From 952ce880317825f16c256fb716167eb7fddeda49 Mon Sep 17 00:00:00 2001
From: rhaggard <rhaggard@localhost>
Date: Wed, 06 Feb 2008 18:09:50 +0000
Subject: [PATCH] Commiting configuration XML files after adding info from the old config guide to be incorporated in the new generated config reference

---
 opends/src/admin/defn/org/opends/server/admin/std/GSSAPISASLMechanismHandlerConfiguration.xml |   39 +++++++++++++++++++++++++--------------
 1 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/opends/src/admin/defn/org/opends/server/admin/std/GSSAPISASLMechanismHandlerConfiguration.xml b/opends/src/admin/defn/org/opends/server/admin/std/GSSAPISASLMechanismHandlerConfiguration.xml
index 54119ed..12dacb1 100644
--- a/opends/src/admin/defn/org/opends/server/admin/std/GSSAPISASLMechanismHandlerConfiguration.xml
+++ b/opends/src/admin/defn/org/opends/server/admin/std/GSSAPISASLMechanismHandlerConfiguration.xml
@@ -31,11 +31,17 @@
   xmlns:adm="http://www.opends.org/admin"
   xmlns:ldap="http://www.opends.org/admin-ldap">
   <adm:synopsis>
-    The
-    <adm:user-friendly-name />
-    is used to perform all processing related to SASL GSSAPI
+    The GSSAPI SASL mechanism 
+    performs all processing related to SASL GSSAPI
     authentication using Kerberos V5.
   </adm:synopsis>
+  <adm:description>
+    The GSSAPI SASL mechanism provides the ability for clients 
+    to authenticate themselves to the server using existing 
+    authentication in a Kerberos environment. This mechanism 
+    provides the ability to achieve single sign-on for 
+    Kerberos-based clients.
+  </adm:description>
   <adm:profile name="ldap">
     <ldap:object-class>
       <ldap:name>ds-cfg-gssapi-sasl-mechanism-handler</ldap:name>
@@ -53,12 +59,12 @@
   </adm:property-override>
   <adm:property name="realm">
     <adm:synopsis>
-      Specifies the realm that should be used for GSSAPI authentication.
+      Specifies the realm to be used for GSSAPI authentication.
     </adm:synopsis>
     <adm:default-behavior>
       <adm:alias>
         <adm:synopsis>
-          The server will attempt to determine the realm from the
+          The server attempts to determine the realm from the
           underlying system configuration.
         </adm:synopsis>
       </adm:alias>
@@ -74,16 +80,18 @@
   </adm:property>
   <adm:property name="kdc-address">
     <adm:synopsis>
-      Specifies the address of the KDC that should be used for Kerberos
+      Specifies the address of the KDC that is to be used for Kerberos
       processing.
     </adm:synopsis>
     <adm:description>
-      If provided, this should be a fully-qualified DNS-resolvable name.
+      If provided, this property must be a fully-qualified DNS-resolvable name.
+      If this property is not provided, then the server attempts to determine it 
+      from the system-wide Kerberos configuration.
     </adm:description>
     <adm:default-behavior>
       <adm:alias>
         <adm:synopsis>
-          The server will attempt to determine the KDC address from the
+          The server attempts to determine the KDC address from the
           underlying system configuration.
         </adm:synopsis>
       </adm:alias>
@@ -103,13 +111,13 @@
       Kerberos processing.
     </adm:synopsis>
     <adm:description>
-      If provided, this should be either an absolute path or one that is
+      If provided, this is either an absolute path or one that is
       relative to the server instance root.
     </adm:description>
     <adm:default-behavior>
       <adm:alias>
         <adm:synopsis>
-          The server will attempt to use the system-wide default keytab.
+          The server attempts to use the system-wide default keytab.
         </adm:synopsis>
       </adm:alias>
     </adm:default-behavior>
@@ -130,8 +138,8 @@
     <adm:default-behavior>
       <adm:alias>
         <adm:synopsis>
-          The server will attempt to dynamically determine the
-          fully-qualified domain name.
+          The server attempts to determine the
+          fully-qualified domain name dynamically .
         </adm:synopsis>
       </adm:alias>
     </adm:default-behavior>
@@ -146,8 +154,11 @@
   </adm:property>
   <adm:property name="identity-mapper" mandatory="true">
     <adm:synopsis>
-      Specifies the name of the identity mapper that should be used to
-      match the Kerberos principal to a user entry.
+      Specifies the name of the identity mapper that is to be used
+      with this SASL mechanism handler 
+      to match the Kerberos principal 
+      included in the SASL bind request to the corresponding
+      user in the directory.
     </adm:synopsis>
     <adm:syntax>
       <adm:aggregation relation-name="identity-mapper"

--
Gitblit v1.10.0