diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-10-08 15:06:13 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-10-22 21:41:01 -0400 |
commit | 9726941e3d8cfd653034af09d34986b9f9dfdadf (patch) | |
tree | 943501115dc548f7f5761b51ed053db51c0142b8 /checks | |
parent | 6220b5389383f58d5f0eb4b37e3e588ac6ac054b (diff) | |
download | freeipa-9726941e3d8cfd653034af09d34986b9f9dfdadf.tar.gz freeipa-9726941e3d8cfd653034af09d34986b9f9dfdadf.tar.xz freeipa-9726941e3d8cfd653034af09d34986b9f9dfdadf.zip |
Disallow writes on serverHostName and memberOf
serverHostName because this is tied to the FQDN so should only be changed
on a host rename (which we don't do).
memberOf because the plugin should do this. Directly manging this attribute
would be pretty dangerous and confusing.
Also remove a redundant aci granting the admins group write access to
users and groups. They have it with through the "admins can modify any
entry" aci.
tickets 300, 304
Diffstat (limited to 'checks')
0 files changed, 0 insertions, 0 deletions