diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml
index 6e26d5ae9c..547fee5549 100644
--- a/src/man/sssd-ipa.5.xml
+++ b/src/man/sssd-ipa.5.xml
@@ -176,6 +176,25 @@
+
+ ipa_selinux_search_base (string)
+
+
+ Optional. Use the given string as search base for
+ SELinux user maps.
+
+
+ See ldap_search_base
for
+ information about configuring multiple search
+ bases.
+
+
+ Default: the value of
+ ldap_search_base
+
+
+
+
krb5_validate (boolean)
@@ -368,6 +387,127 @@
+
+
+ ipa_selinux_usermap_object_class (string)
+
+
+ The object class of a host entry in LDAP.
+
+
+ Default: ipaHost
+
+
+
+
+ ipa_selinux_usermap_name (string)
+
+
+ The LDAP attribute that contains the name
+ of SELinux usermap.
+
+
+ Default: cn
+
+
+
+
+ ipa_selinux_usermap_member_user (string)
+
+
+ The LDAP attribute that contains all users / groups
+ this rule match against.
+
+
+ Default: memberUser
+
+
+
+
+ ipa_selinux_usermap_member_host (string)
+
+
+ The LDAP attribute that contains all hosts / hostgroups
+ this rule match against.
+
+
+ Default: memberHost
+
+
+
+
+ ipa_selinux_usermap_see_also (string)
+
+
+ The LDAP attribute that contains DN of HBAC
+ rule which can be used for matching instead
+ of memberUser and memberHost
+
+
+ Default: seeAlso
+
+
+
+
+ ipa_selinux_usermap_selinux_user (string)
+
+
+ The LDAP attribute that contains SELinux user
+ string itself.
+
+
+ Default: ipaSELinuxUser
+
+
+
+
+ ipa_selinux_usermap_enabled (string)
+
+
+ The LDAP attribute that contains whether
+ or not is user map enabled for usage.
+
+
+ Default: ipaEnabledFlag
+
+
+
+
+ ipa_selinux_usermap_user_category (string)
+
+
+ The LDAP attribute that contains user category
+ such as 'all'.
+
+
+ Default: userCategory
+
+
+
+
+ ipa_selinux_usermap_host_category (string)
+
+
+ The LDAP attribute that contains host category
+ such as 'all'.
+
+
+ Default: hostCategory
+
+
+
+
+ ipa_selinux_usermap_uuid (string)
+
+
+ The LDAP attribute that contains unique ID
+ of the user map.
+
+
+ Default: ipaUniqueID
+
+
+
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 7217c9dd7d..0a81e76505 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -1026,6 +1026,31 @@
+
+ session_provider (string)
+
+
+ The provider which should handle loading of session
+ settings.
+ Supported session providers are:
+
+
+ ipa
to load session settings
+ from an IPA server. See
+
+ sssd-ipa
+ 5
+ for more information on configuring IPA.
+
+
+ none
disallows fetching session settings explicitly.
+
+
+ Default: id_provider
is used if it
+ is set and can handle session loading requests.
+
+
+
lookup_family_order (string)