diff options
Diffstat (limited to 'install/updates/40-delegation.update')
-rw-r--r-- | install/updates/40-delegation.update | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update index 085cd1f81..7dc12d8c9 100644 --- a/install/updates/40-delegation.update +++ b/install/updates/40-delegation.update @@ -241,7 +241,7 @@ add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Remove Hosts";allow (delete) groupdn = "ldap:///cn=removehosts,cn= taskgroups,cn=accounts,$SUFFIX";)' -add:aci: '(targetattr = "cn || description || l || nshostlocation || +add:aci: '(targetattr = "description || l || nshostlocation || nshardwareplatform || nsosversion") (target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0; acl "Modify Hosts";allow (write) groupdn = "ldap:///cn=modifyhosts, @@ -501,7 +501,7 @@ add:member:'cn=enrollhost,cn=rolegroups,cn=accounts,$SUFFIX' # set the krbPrincipalName, add krbPrincipalAux to objectClass and # set enrolledBy to whoever ran join. dn: $SUFFIX -add:aci: '(targetattr = "krbPrincipalName || enrolledBy || objectClass") +add:aci: '(targetattr = "enrolledBy || objectClass") (target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX") (version 3.0;acl "Enroll a host"; allow (write) groupdn = "ldap:///cn=enroll_host,cn=taskgroups, |