diff options
| author | Nathaniel McCallum <npmccallum@redhat.com> | 2013-11-11 17:58:02 -0400 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2013-12-03 14:49:10 +0100 |
| commit | 4cb2c2813d5787f8ebee6eba2ea0be756507b58b (patch) | |
| tree | 481bbd93203634db2fdbba38e8e0cedca57fe384 /install/updates/40-otp.update | |
| parent | efffcfdbc24ad81d48c7b65443a75928b156cc49 (diff) | |
| download | freeipa-4cb2c2813d5787f8ebee6eba2ea0be756507b58b.tar.gz freeipa-4cb2c2813d5787f8ebee6eba2ea0be756507b58b.tar.xz freeipa-4cb2c2813d5787f8ebee6eba2ea0be756507b58b.zip | |
Add RADIUS proxy support to ipalib CLI
https://fedorahosted.org/freeipa/ticket/3368
Diffstat (limited to 'install/updates/40-otp.update')
| -rw-r--r-- | install/updates/40-otp.update | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/install/updates/40-otp.update b/install/updates/40-otp.update index ff36c87a6..83dfab7c0 100644 --- a/install/updates/40-otp.update +++ b/install/updates/40-otp.update @@ -7,3 +7,8 @@ dn: $SUFFIX add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "objectclass || ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can read basic token info"; allow (read, search, compare) userattr = "ipatokenOwner#USERDN";)' add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can write basic token info"; allow (write) userattr = "ipatokenOwner#USERDN";)' add: aci:'(targetfilter = "(objectClass=ipatokenTOTP)")(targetattrs = "ipatokenOTPkey || ipatokenOTPalgorithm || ipatokenOTPdigits || ipatokenTOTPclockOffset || ipatokenTOTPtimeStep")(version 3.0; acl "Users can add TOTP token secrets"; allow (write, search) userattr = "ipatokenOwner#USERDN";)' + +dn: cn=radiusproxy,$SUFFIX +default: objectClass: nsContainer +default: objectClass: top +default: cn: radiusproxy |