diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-08-11 15:26:37 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-08-19 10:50:07 -0400 |
commit | e466bed5453302ca41e6ab7e85fddbdd35548d2a (patch) | |
tree | 9c0065938b44951bcfd6f9e7eddf4ceea332b262 /install/share/schema_compat.uldif | |
parent | e225ad4341b8f91b0aa3d4be3f93b9082716828e (diff) | |
download | freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.tar.gz freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.tar.xz freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.zip |
Enable compat plugin by default and configure netgroups
Move the netgroup compat configuration from the nis configuration to
the existing compat configuration.
Add a 'status' option to the ipa-copmat-manage tool.
ticket 91
Diffstat (limited to 'install/share/schema_compat.uldif')
-rw-r--r-- | install/share/schema_compat.uldif | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/install/share/schema_compat.uldif b/install/share/schema_compat.uldif index 9bcda2cdd..15ac2a296 100644 --- a/install/share/schema_compat.uldif +++ b/install/share/schema_compat.uldif @@ -49,6 +49,21 @@ default:schema-compat-entry-attribute: memberUid=%{memberUid} default:schema-compat-entry-attribute: memberUid=%deref("member","uid") default:schema-compat-entry-attribute: memberUid=%referred("cn=users","memberOf","uid") +dn: cn=ng,cn=Schema Compatibility,cn=plugins,cn=config +add:objectClass: top +add:objectClass: extensibleObject +add:cn: ng +add:schema-compat-container-group: 'cn=compat, $SUFFIX' +add:schema-compat-container-rdn: cn=ng +add:schema-compat-check-access: yes +add:schema-compat-search-base: 'cn=ng,cn=alt,$SUFFIX' +add:schema-compat-search-filter: !(cn=ng) +add:schema-compat-entry-rdn: cn=%{cn} +add:schema-compat-entry-attribute: objectclass=nisNetgroup +add:schema-compat-entry-attribute: 'memberNisNetgroup=%deref_r("member","cn")' +add:schema-compat-entry-attribute: 'memberNisNetgroup=%referred_r("cn=ng","memberOf","cn")' +add:schema-compat-entry-attribute: 'nisNetgroupTriple=(%link("%collect(\"%{externalHost}\",\"%deref(\\\"memberHost\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"member\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"memberHost\\\",\\\"member\\\",\\\"fqdn\\\")\")","-",",","%collect(\"%deref(\\\"memberUser\\\",\\\"uid\\\")\",\"%deref_r(\\\"member\\\",\\\"uid\\\")\",\"%deref_r(\\\"memberUser\\\",\\\"member\\\",\\\"uid\\\")\")","-"),%{nisDomainName:-})' + # Enable anonymous VLV browsing for Solaris dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config only:aci: '(targetattr !="aci")(version 3.0; acl "VLV Request Control"; allow (read, search, compare, proxy) userdn = "ldap:///anyone"; )' |