diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-08-11 15:26:37 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-08-19 10:50:07 -0400 |
commit | e466bed5453302ca41e6ab7e85fddbdd35548d2a (patch) | |
tree | 9c0065938b44951bcfd6f9e7eddf4ceea332b262 /install/share | |
parent | e225ad4341b8f91b0aa3d4be3f93b9082716828e (diff) | |
download | freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.tar.gz freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.tar.xz freeipa-e466bed5453302ca41e6ab7e85fddbdd35548d2a.zip |
Enable compat plugin by default and configure netgroups
Move the netgroup compat configuration from the nis configuration to
the existing compat configuration.
Add a 'status' option to the ipa-copmat-manage tool.
ticket 91
Diffstat (limited to 'install/share')
-rw-r--r-- | install/share/nis.uldif | 15 | ||||
-rw-r--r-- | install/share/schema_compat.uldif | 15 |
2 files changed, 15 insertions, 15 deletions
diff --git a/install/share/nis.uldif b/install/share/nis.uldif index 5860d23af..d6a3644d5 100644 --- a/install/share/nis.uldif +++ b/install/share/nis.uldif @@ -82,18 +82,3 @@ default:nis-filter: (objectClass=ipanisNetgroup) default:nis-key-format: %{cn} default:nis-value-format: %merge(" ","%{memberNisNetgroup}","(%link(\"%collect(\\\"%{externalHost}\\\",\\\"%deref(\\\\\\\"memberHost\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberHost\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\")\",\"-\",\",\",\"%collect(\\\"%deref(\\\\\\\"memberUser\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberUser\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\")\",\"-\"),%{nisDomainName:-})") default:nis-secure: no - -dn: cn=ng,cn=Schema Compatibility,cn=plugins,cn=config -add:objectClass: top -add:objectClass: extensibleObject -add:cn: ng -add:schema-compat-container-group: 'cn=compat, $SUFFIX' -add:schema-compat-container-rdn: cn=ng -add:schema-compat-check-access: yes -add:schema-compat-search-base: 'cn=ng,cn=alt,$SUFFIX' -add:schema-compat-search-filter: !(cn=ng) -add:schema-compat-entry-rdn: cn=%{cn} -add:schema-compat-entry-attribute: objectclass=nisNetgroup -add:schema-compat-entry-attribute: 'memberNisNetgroup=%deref_r("member","cn")' -add:schema-compat-entry-attribute: 'memberNisNetgroup=%referred_r("cn=ng","memberOf","cn")' -add:schema-compat-entry-attribute: 'nisNetgroupTriple=(%link("%collect(\"%{externalHost}\",\"%deref(\\\"memberHost\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"member\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"memberHost\\\",\\\"member\\\",\\\"fqdn\\\")\")","-",",","%collect(\"%deref(\\\"memberUser\\\",\\\"uid\\\")\",\"%deref_r(\\\"member\\\",\\\"uid\\\")\",\"%deref_r(\\\"memberUser\\\",\\\"member\\\",\\\"uid\\\")\")","-"),%{nisDomainName:-})' diff --git a/install/share/schema_compat.uldif b/install/share/schema_compat.uldif index 9bcda2cdd..15ac2a296 100644 --- a/install/share/schema_compat.uldif +++ b/install/share/schema_compat.uldif @@ -49,6 +49,21 @@ default:schema-compat-entry-attribute: memberUid=%{memberUid} default:schema-compat-entry-attribute: memberUid=%deref("member","uid") default:schema-compat-entry-attribute: memberUid=%referred("cn=users","memberOf","uid") +dn: cn=ng,cn=Schema Compatibility,cn=plugins,cn=config +add:objectClass: top +add:objectClass: extensibleObject +add:cn: ng +add:schema-compat-container-group: 'cn=compat, $SUFFIX' +add:schema-compat-container-rdn: cn=ng +add:schema-compat-check-access: yes +add:schema-compat-search-base: 'cn=ng,cn=alt,$SUFFIX' +add:schema-compat-search-filter: !(cn=ng) +add:schema-compat-entry-rdn: cn=%{cn} +add:schema-compat-entry-attribute: objectclass=nisNetgroup +add:schema-compat-entry-attribute: 'memberNisNetgroup=%deref_r("member","cn")' +add:schema-compat-entry-attribute: 'memberNisNetgroup=%referred_r("cn=ng","memberOf","cn")' +add:schema-compat-entry-attribute: 'nisNetgroupTriple=(%link("%collect(\"%{externalHost}\",\"%deref(\\\"memberHost\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"member\\\",\\\"fqdn\\\")\",\"%deref_r(\\\"memberHost\\\",\\\"member\\\",\\\"fqdn\\\")\")","-",",","%collect(\"%deref(\\\"memberUser\\\",\\\"uid\\\")\",\"%deref_r(\\\"member\\\",\\\"uid\\\")\",\"%deref_r(\\\"memberUser\\\",\\\"member\\\",\\\"uid\\\")\")","-"),%{nisDomainName:-})' + # Enable anonymous VLV browsing for Solaris dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config only:aci: '(targetattr !="aci")(version 3.0; acl "VLV Request Control"; allow (read, search, compare, proxy) userdn = "ldap:///anyone"; )' |