>From 8d19d817bac40db8db0006ed0f46b66c0a67f305 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Sat, 11 May 2013 18:46:06 +0200
Subject: [PATCH 3/3] man: Clarify that AD dyndns updates are secured using
 GSS-TSIG

https://fedorahosted.org/sssd/ticket/1910
---
 src/man/sssd-ad.5.xml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml
index 589dfd0b5f7514a8e17c9f04407476ccf7c33e88..c828ab6c21d361f35d87aff8d617b0ba1f8982b4 100644
--- a/src/man/sssd-ad.5.xml
+++ b/src/man/sssd-ad.5.xml
@@ -162,7 +162,10 @@ ldap_id_mapping = False
                         <para>
                             Optional. This option tells SSSD to automatically
                             update the Active Directory DNS server with
-                            the IP address of this client.
+                            the IP address of this client. The update is
+                            secured using GSS-TSIG. As a consequence, the
+                            Active Directory administrator only needs to
+                            allow secure updates for the DNS zone.
                         </para>
                         <para>
                             NOTE: On older systems (such as RHEL 5), for this
-- 
1.8.2.1