Name update files so they can be easily sorted.

We want to process some updates in a particular order (schema, structural).
Using an init-inspired ordering mechanism.

1 files changed, 33 insertions, 0 deletions

diff --git a/install/updates/20-nss_ldap.update b/install/updates/20-nss_ldap.update
new file mode 100644
index 000000000..e8c1e00f7
--- /dev/null
+++ b/install/updates/20-nss_ldap.update
@@ -0,0 +1,33 @@
+#
+# Add profile for RFC 4876 agents (Solaris and HP/ux)
+#
+
+# Update the top-level entry 
+dn: $SUFFIX
+add:objectClass: domain
+add:objectClass: domainRelatedObject
+add:objectClass: nisDomainObject
+add:associatedDomain: $DOMAIN
+add:nisDomain: $DOMAIN
+
+# Add a place to store the nss_ldap default profile
+dn: ou=profile,$SUFFIX
+add: objectClass: top
+add: objectClass: organizationalUnit
+add: ou: profiles
+
+# The DUA profile. On Solaris one can run:
+# ldap_client init ipa.example.com
+dn: cn=default,ou=profile,$SUFFIX
+default:ObjectClass: top
+default:ObjectClass: DUAConfigProfile
+default:defaultServerList: $FQDN
+default:defaultSearchBase: $SUFFIX
+default:authenticationMethod: none
+default:searchTimeLimit: 15
+default:cn: default
+default:serviceSearchDescriptor: passwd:cn=users,cn=accounts,$SUFFIX
+default:serviceSearchDescriptor: group:cn=groups,cn=compat,$SUFFIX
+default:bindTimeLimit: 5
+default:objectClassMap: shadow:shadowAccount=posixAccount
+default:followReferrals:TRUE