diff options
| author | Simo Sorce <ssorce@redhat.com> | 2011-01-19 15:17:25 -0500 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2011-01-20 15:49:30 -0500 |
| commit | 861aa9c1b8ddf757b358f3a66e3ca57d4cc05b4c (patch) | |
| tree | 50e0025b2cdc32721bca357102daf4935e712c01 /ipaserver/install/dsinstance.py | |
| parent | 5af80a7583edfd0061a70abde4868d4582247608 (diff) | |
| download | freeipa-861aa9c1b8ddf757b358f3a66e3ca57d4cc05b4c.tar.gz freeipa-861aa9c1b8ddf757b358f3a66e3ca57d4cc05b4c.tar.xz freeipa-861aa9c1b8ddf757b358f3a66e3ca57d4cc05b4c.zip | |
Allow SASL/EXTERNAL authentication for the root user
This gives the root user low privileges so that when anonymous searches are
denied the init scripts can still search the directory via ldapi to get the
list of serevices to start.
Fixes: https://fedorahosted.org/freeipa/ticket/795
Diffstat (limited to 'ipaserver/install/dsinstance.py')
| -rw-r--r-- | ipaserver/install/dsinstance.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 859d5c8ff..378e01234 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -207,6 +207,7 @@ class DsInstance(service.Service): self.step("creating indices", self.__create_indices) self.step("configuring ssl for ds instance", self.__enable_ssl) self.step("configuring certmap.conf", self.__certmap_conf) + self.step("configure autobind for root", self.__root_autobind) self.step("restarting directory server", self.__restart_instance) def __common_post_setup(self): @@ -728,3 +729,7 @@ class DsInstance(service.Service): def __tuning(self): self.tune_nofile(8192) + + def __root_autobind(self): + self._ldap_mod("root-autobind.ldif") + |