diff options
| author | Thierry bordaz (tbordaz) <tbordaz@redhat.com> | 2014-08-29 15:35:43 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-09-01 08:16:44 +0200 |
| commit | 7fc4f60c2f9a901885665f88c2dee1724bd8591e (patch) | |
| tree | a546dbb33af928c745acb2f92886230a75f10d26 | |
| parent | e732458a8e1af6432a739adf7a80a13fabcd59cc (diff) | |
| download | freeipa-7fc4f60c2f9a901885665f88c2dee1724bd8591e.tar.gz freeipa-7fc4f60c2f9a901885665f88c2dee1724bd8591e.tar.xz freeipa-7fc4f60c2f9a901885665f88c2dee1724bd8591e.zip | |
User Life Cycle: DNA scopes full SUFFIX
In patch 0001-3, the DNA plugins configuration was changed to scope only 'cn=accounts,SUFFIX'
This part of the fix was invalid as trust domain object (that need uid/gid allocation)
are under 'cn=trust,SUFFIX'. Revert that part of the fix.
Waiting on https://fedorahosted.org/389/ticket/47828, to exclude provisioning contains
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Martin Kosek <mkosek@redhat.com>
| -rw-r--r-- | install/updates/20-dna.update | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/install/updates/20-dna.update b/install/updates/20-dna.update index 719195e92..04047dd12 100644 --- a/install/updates/20-dna.update +++ b/install/updates/20-dna.update @@ -2,11 +2,9 @@ dn: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config only:nsslapd-pluginEnabled: on -# Change the magic value to -1 and restrict DNA to active accounts +# Change the magic value to -1 dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config only:dnaMagicRegen: -1 -remove:dnaScope: '$SUFFIX' -add:dnaScope: 'cn=accounts,$SUFFIX' dn: cn=ipa-winsync,cn=plugins,cn=config remove:ipaWinSyncUserAttr: uidNumber 999 |