summaryrefslogtreecommitdiffstats
path: root/install/updates
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2009-06-04 15:33:49 -0400
committerSimo Sorce <ssorce@redhat.com>2009-07-10 09:42:22 -0400
commit9fe707a3f2e9a25e908cc9279c46a0f0c5acb15f (patch)
tree36113340606e99d69a3c204cb79f4e968f4c7b2b /install/updates
parent24089821fbc738b22f524d4d107d9de458484291 (diff)
downloadfreeipa-9fe707a3f2e9a25e908cc9279c46a0f0c5acb15f.zip
freeipa-9fe707a3f2e9a25e908cc9279c46a0f0c5acb15f.tar.gz
freeipa-9fe707a3f2e9a25e908cc9279c46a0f0c5acb15f.tar.xz
Basic changes to get a default principal for DNS
Also moves delagation layout installation in dsinstance. This is needed to allow us to set default membership in other modules like bindinstance. Signed-off-by: Martin Nagy <mnagy@redhat.com>
Diffstat (limited to 'install/updates')
-rw-r--r--install/updates/40-delegation.update20
1 files changed, 20 insertions, 0 deletions
diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update
index 78de12f..8532e50 100644
--- a/install/updates/40-delegation.update
+++ b/install/updates/40-delegation.update
@@ -54,6 +54,18 @@ add:objectClass: groupofnames
add:cn: netgroupadmin
add:description: Netgroups Administrators
+dn: cn=dnsadmin,cn=rolegroups,cn=accounts,$SUFFIX
+add:objectClass: top
+add:objectClass: groupofnames
+add:cn: dnsadmin
+add:description: DNS Administrators
+
+dn: cn=dnsserver,cn=rolegroups,cn=accounts,$SUFFIX
+add:objectClass: top
+add:objectClass: groupofnames
+add:cn: dnsserver
+add:description: DNS Servers
+
# Add the taskgroups referenced by the ACIs for user administration
dn: cn=taskgroups,cn=accounts,$SUFFIX
@@ -436,3 +448,11 @@ add:aci: '(targetattr = "krbPrincipalKey")(target = "ldap:///cn=*,
allow (write) groupdn = "ldap:///cn=manage_host_keytab,cn=taskgroups,
cn=accounts,$SUFFIX";)'
+# Taskgroup for updating the DNS entries
+dn: cn=update_dns,cn=taskgroups,cn=accounts,$SUFFIX
+add:objectClass: top
+add:objectClass: groupofnames
+add:cn: manage_host_keytab
+add:description: Updates DNS
+add:member:'cn=dnsadmin,cn=rolegroups,cn=accounts,$SUFFIX'
+add:member:'cn=dnsserver,cn=rolegroups,cn=accounts,$SUFFIX'