Move Virtual Operations container under cn=etc

Fixes: https://fedorahosted.org/freeipa/ticket/759
author: Simo Sorce <ssorce@redhat.com> 2011-01-13 15:54:06 -0500
committer: Simo Sorce <ssorce@redhat.com> 2011-01-14 14:06:56 -0500
commit: 5549dca50e17cf8b0eb4880fa832630d26ecc5b9 (patch)
tree: f589be5cf67c33f5c2e3aef4e511d8206bd30e40 /install
parent: cfa23b1c2a421e795095c4b40c21e53d5090dce0 (diff)
download: freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.tar.gz
freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.tar.xz
freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.zip
4 files changed, 28 insertions, 28 deletions
diff --git a/install/share/delegation.ldif b/install/share/delegation.ldif
index 85b7e736e..79b5159da 100644
--- a/install/share/delegation.ldif
+++ b/install/share/delegation.ldif
@@ -626,14 +626,14 @@ aci: (target = "ldap:///ipauniqueid=*,cn=entitlements,cn=etc,$SUFFIX")(version 3
 
 # Create virtual operations entry. This is used to control access to
 # operations that don't rely on LDAP directly.
-dn: cn=virtual operations,$SUFFIX
+dn: cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
 cn: virtual operations
 
 # Retrieve Certificate virtual op
-dn: cn=retrieve certificate,cn=virtual operations,$SUFFIX
+dn: cn=retrieve certificate,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -650,10 +650,10 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=retrieve certificate,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Retrieve Certificates from the CA" ; allow (write) groupdn = "ldap:///cn=retrieve_certs,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=retrieve certificate,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Retrieve Certificates from the CA" ; allow (write) groupdn = "ldap:///cn=retrieve_certs,cn=permissions,cn=pbac,$SUFFIX";)
 
 # Request Certificate virtual op
-dn: cn=request certificate,cn=virtual operations,$SUFFIX
+dn: cn=request certificate,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -670,10 +670,10 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Request Certificates from the CA" ; allow (write) groupdn = "ldap:///cn=request_certs,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Request Certificates from the CA" ; allow (write) groupdn = "ldap:///cn=request_certs,cn=permissions,cn=pbac,$SUFFIX";)
 
 # Request Certificate from different host virtual op
-dn: cn=request certificate different host,cn=virtual operations,$SUFFIX
+dn: cn=request certificate different host,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -690,10 +690,10 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate different host,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Request Certificates from a different host" ; allow (write) groupdn = "ldap:///cn=request_cert_different_host,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=request certificate different host,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Request Certificates from a different host" ; allow (write) groupdn = "ldap:///cn=request_cert_different_host,cn=permissions,cn=pbac,$SUFFIX";)
 
 # Certificate Status virtual op
-dn: cn=certificate status,cn=virtual operations,$SUFFIX
+dn: cn=certificate status,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -710,10 +710,10 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate status,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Get Certificates status from the CA" ; allow (write) groupdn = "ldap:///cn=certificate_status,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate status,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Get Certificates status from the CA" ; allow (write) groupdn = "ldap:///cn=certificate_status,cn=permissions,cn=pbac,$SUFFIX";)
 
 # Revoke Certificate virtual op
-dn: cn=revoke certificate,cn=virtual operations,$SUFFIX
+dn: cn=revoke certificate,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -730,10 +730,10 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=revoke certificate,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Revoke Certificate"; allow (write) groupdn = "ldap:///cn=revoke_certificate,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=revoke certificate,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Revoke Certificate"; allow (write) groupdn = "ldap:///cn=revoke_certificate,cn=permissions,cn=pbac,$SUFFIX";)
 
 # Certificate Remove Hold virtual op
-dn: cn=certificate remove hold,cn=virtual operations,$SUFFIX
+dn: cn=certificate remove hold,cn=virtual operations,cn=etc,$SUFFIX
 changetype: add
 objectClass: top
 objectClass: nsContainer
@@ -750,4 +750,4 @@ member: cn=certadmin,cn=privileges,cn=pbac,$SUFFIX
 dn: $SUFFIX
 changetype: modify
 add: aci
-aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate remove hold,cn=virtual operations,$SUFFIX" )(version 3.0 ; acl "Certificate Remove Hold"; allow (write) groupdn = "ldap:///cn=certificate_remove_hold,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr = "objectclass")(target = "ldap:///cn=certificate remove hold,cn=virtual operations,cn=etc,$SUFFIX" )(version 3.0 ; acl "Certificate Remove Hold"; allow (write) groupdn = "ldap:///cn=certificate_remove_hold,cn=permissions,cn=pbac,$SUFFIX";)
diff --git a/install/static/test/data/aci_find.json b/install/static/test/data/aci_find.json
index 23077876b..00682ffd2 100644
--- a/install/static/test/data/aci_find.json
+++ b/install/static/test/data/aci_find.json
@@ -14,7 +14,7 @@
             "(targetattr = \"krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey || krbTicketPolicyReference || krbPrincipalExpiration || krbPasswordExpiration || krbPwdPolicyReference || krbPrincipalType || krbPwdHistory || krbLastPwdChange || krbPrincipalAliases || krbExtraData || krbLastSuccessfulAuth || krbLastFailedAuth || krbLoginFailedCount\")(version 3.0;acl \"Only the KDC System Account has access to kerberos material\";allow (read,search,compare) userdn = \"ldap:///uid=kdc,cn=sysaccounts,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"krbMaxPwdLife || krbMinPwdLife || krbPwdMinDiffChars || krbPwdMinLength || krbPwdHistoryLength\")(targetfilter = \"(objectClass=krbPwdPolicy)\")(version 3.0;acl \"Admins can write password policies\";allow (read,search,compare,write) groupdn = \"ldap:///cn=admins,cn=groups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"givenName || sn || cn || displayName || title || initials || loginShell || gecos || homePhone || mobile || pager || facsimileTelephoneNumber || telephoneNumber || street || roomNumber || l || st || postalCode || manager || secretary || description || carLicense || labeledURI || inetUserHTTPURL || seeAlso || employeeType || businessCategory || ou\")(version 3.0;acl \"Self service\";allow (write) userdn = \"ldap:///self\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=certificate status,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Get Certificates status from the CA\";allow (write) groupdn = \"ldap:///cn=certificate_status,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=certificate status,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Get Certificates status from the CA\";allow (write) groupdn = \"ldap:///cn=certificate_status,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///uid=*,cn=users,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Remove Users\";allow (delete) groupdn = \"ldap:///cn=removeusers,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"member\")(target = \"ldap:///cn=*,cn=groups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify group membership\";allow (write) groupdn = \"ldap:///cn=modifygroupmembership,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///krbprincipalname=*,cn=services,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Add Services\";allow (add) groupdn = \"ldap:///cn=addservices,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
@@ -38,11 +38,11 @@
             "(target = \"ldap:///ipauniqueid=*,cn=ng,cn=alt,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Remove netgroups\";allow (delete) groupdn = \"ldap:///cn=removenetgroups,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"description\")(target = \"ldap:///ipauniqueid=*,cn=ng,cn=alt,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify netgroups\";allow (write) groupdn = \"ldap:///cn=modifynetgroups,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"member\")(target = \"ldap:///cn=*,cn=rolegroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify role group membership\";allow (write) groupdn = \"ldap:///cn=modifyrolegroupmembership,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=request certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Request Certificates from the CA\";allow (write) groupdn = \"ldap:///cn=request_certs,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=request certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Request Certificates from the CA\";allow (write) groupdn = \"ldap:///cn=request_certs,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"userCertificate\")(target = \"ldap:///ipauniqueid=*,cn=entitlements,cn=etc,dc=greyoak,dc=com\")(version 3.0;acl \"Modify entitlements\";allow (write) groupdn = \"ldap:///cn=modifyentitlements,cn=taskgroups,cn=accounts,dc=greyoak,dc=com\";)", 
             "(targetattr = \"member\")(target = \"ldap:///cn=*,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify task group membership\";allow (write) groupdn = \"ldap:///cn=modifytaskgroupmembership,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///cn=*,cn=rolegroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Add Roles\";allow (add) groupdn = \"ldap:///cn=addroles,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=certificate remove hold,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Certificate Remove Hold\";allow (write) groupdn = \"ldap:///cn=certificate_remove_hold,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=certificate remove hold,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Certificate Remove Hold\";allow (write) groupdn = \"ldap:///cn=certificate_remove_hold,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///cn=*,cn=rolegroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Remove Roles\";allow (delete) groupdn = \"ldap:///cn=removeroles,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///automountmapname=*,cn=automount,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Add automount maps\";allow (add) groupdn = \"ldap:///cn=addautomount,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"givenName || sn || cn || displayName || title || initials || loginShell || gecos || homePhone || mobile || pager || facsimileTelephoneNumber || telephoneNumber || street || roomNumber || l || st || postalCode || manager || secretary || description || carLicense || labeledURI || inetUserHTTPURL || seeAlso || employeeType || businessCategory || ou || mepManagedEntry || objectclass\")(target = \"ldap:///uid=*,cn=users,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify Users\";allow (write) groupdn = \"ldap:///cn=modifyusers,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
@@ -51,13 +51,13 @@
             "(target = \"ldap:///ipauniqueid=*,cn=entitlements,cn=etc,dc=greyoak,dc=com\")(version 3.0;acl \"Add entitlements\";allow (add) groupdn = \"ldap:///cn=addentitlements,cn=taskgroups,cn=accounts,dc=greyoak,dc=com\";)", 
             "(target = \"ldap:///automountkey=*,automountmapname=*,cn=automount,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Add automount keys\";allow (add) groupdn = \"ldap:///cn=addautomount,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(target = \"ldap:///cn=*,cn=groups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Remove Groups\";allow (delete) groupdn = \"ldap:///cn=removegroups,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=retrieve certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Retrieve Certificates from the CA\";allow (write) groupdn = \"ldap:///cn=retrieve_certs,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=revoke certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Revoke Certificate\";allow (write) groupdn = \"ldap:///cn=revoke_certificate,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=retrieve certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Retrieve Certificates from the CA\";allow (write) groupdn = \"ldap:///cn=retrieve_certs,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=revoke certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Revoke Certificate\";allow (write) groupdn = \"ldap:///cn=revoke_certificate,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"krbPrincipalKey || krbLastPwdChange\")(target = \"ldap:///fqdn=*,cn=computers,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Manage host keytab\";allow (write) groupdn = \"ldap:///cn=manage_host_keytab,cn=taskgroups, cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"cn || description || gidnumber || objectclass || mepManagedBy\")(target = \"ldap:///cn=*,cn=groups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify Groups\";allow (write) groupdn = \"ldap:///cn=modifygroups,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
             "(targetattr = \"member\")(target = \"ldap:///cn=*,cn=hostgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Modify host group membership\";allow (write) groupdn = \"ldap:///cn=modifyhostgroupmembership,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)", 
-            "(targetattr = \"objectClass\")(target = \"ldap:///cn=request certificate different host,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Request Certificates from a different host\";allow (write) groupdn = \"ldap:///cn=request_cert_different_host,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)"
+            "(targetattr = \"objectClass\")(target = \"ldap:///cn=request certificate different host,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\")(version 3.0;acl \"Request Certificates from a different host\";allow (write) groupdn = \"ldap:///cn=request_cert_different_host,cn=taskgroups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com\";)"
         ], 
         "summary": "53 ACIs matched"
     }
-}
-\ No newline at end of file
+}
diff --git a/install/static/test/data/ipa_init.json b/install/static/test/data/ipa_init.json
index 14da9cb3b..56a808c28 100644
--- a/install/static/test/data/ipa_init.json
+++ b/install/static/test/data/ipa_init.json
@@ -7904,7 +7904,7 @@
                     "container_sudocmdgroup": "cn=sudocmdgroups,cn=accounts",
                     "container_sudorule": "cn=sudorules",
                     "container_user": "cn=users,cn=accounts",
-                    "container_virtual": "cn=virtual operations",
+                    "container_virtual": "cn=virtual operations,cn=etc",
                     "context": "server",
                     "debug": false,
                     "domain": "ayoung.boston.devel.redhat.com",
@@ -7941,4 +7941,4 @@
             }
         ]
     }
-}
-\ No newline at end of file
+}
diff --git a/install/static/test/data/permission_find.json b/install/static/test/data/permission_find.json
index b0e1c101f..cad5f0868 100644
--- a/install/static/test/data/permission_find.json
+++ b/install/static/test/data/permission_find.json
@@ -767,7 +767,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=retrieve certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=retrieve certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "attrs": [
@@ -786,7 +786,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=request certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=request certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "attrs": [
@@ -805,7 +805,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=request certificate different host,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=request certificate different host,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "attrs": [
@@ -824,7 +824,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=certificate status,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=certificate status,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "attrs": [
@@ -843,7 +843,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=revoke certificate,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=revoke certificate,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "attrs": [
@@ -862,7 +862,7 @@
                 "permissions": [
                     "write"
                 ],
-                "subtree": "ldap:///cn=certificate remove hold,cn=virtual operations,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
+                "subtree": "ldap:///cn=certificate remove hold,cn=virtual operations,cn=etc,dc=ayoung,dc=boston,dc=devel,dc=redhat,dc=com"
             },
             {
                 "cn": [
author	Simo Sorce <ssorce@redhat.com>	2011-01-13 15:54:06 -0500
committer	Simo Sorce <ssorce@redhat.com>	2011-01-14 14:06:56 -0500
commit	5549dca50e17cf8b0eb4880fa832630d26ecc5b9 (patch)
tree	f589be5cf67c33f5c2e3aef4e511d8206bd30e40 /install
parent	cfa23b1c2a421e795095c4b40c21e53d5090dce0 (diff)
download	freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.tar.gz freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.tar.xz freeipa-5549dca50e17cf8b0eb4880fa832630d26ecc5b9.zip