[deployment-guide/comm-rel: 128/727] BZ 601870: Update LDAP/PAM proxy sub-section

[Jaromir Hradilek]

commit f6d44a0c6c2ce895a2ed6d9b1425736dc095dc08
Author: David O'Brien <davido at redhat.com>
Date:   Fri Jul 23 15:23:18 2010 +1000

    BZ 601870: Update LDAP/PAM proxy sub-section

 en-US/SSSD.xml |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)
---
diff --git a/en-US/SSSD.xml b/en-US/SSSD.xml
index fcba9fd..369d282 100644
--- a/en-US/SSSD.xml
+++ b/en-US/SSSD.xml
@@ -959,7 +959,12 @@ ldap_group_object_class = group</screen>
             <type>(string)</type>
           </para>
           <para>This option is only used when the <option>auth_provider</option> option is set to <literal>proxy</literal>, and specifies the proxy target that <acronym>PAM</acronym> proxies to.</para>
-          <para>This option has no default value. If proxy authentication is required, you need to specify your own <acronym>PAM</acronym> target. This corresponds to a file containing <acronym>PAM</acronym> stack information in the system's default <acronym>PAM</acronym> configuration directory. On &MAJOROS;-based systems, this is the <filename>/etc/pam.d/</filename> directory.</para>
+          <para>This option has no default value. If proxy authentication is required, you need to specify your own <acronym>PAM</acronym> target. This corresponds to a file containing <acronym>PAM</acronym> stack information in the system's default <acronym>PAM</acronym> configuration directory. On &MAJOROS;&mdash;based systems, this is the <filename>/etc/pam.d/</filename> directory.</para>
+          <important>
+            <para>
+              Ensure that your proxy PAM stack does <emphasis>not</emphasis> recursively include <filename>pam_sss.so</filename>.
+            </para>
+          </important>
         </listitem>
         <listitem>
           <para>