diff options
Diffstat (limited to 'ipa-server/ipa-install/share/kerberos.ldif')
-rw-r--r-- | ipa-server/ipa-install/share/kerberos.ldif | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/ipa-server/ipa-install/share/kerberos.ldif b/ipa-server/ipa-install/share/kerberos.ldif index ae4564f6f..d55f39ce4 100644 --- a/ipa-server/ipa-install/share/kerberos.ldif +++ b/ipa-server/ipa-install/share/kerberos.ldif @@ -1,26 +1,35 @@ -#kerberos base object -dn: cn=kerberos,$SUFFIX -changetype: add -objectClass: krbContainer -objectClass: top -cn: kerberos -aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow(all)userdn= "ldap:///uid=kdc,cn=kerberos,$SUFFIX";) - #kerberos user -dn: uid=kdc,cn=kerberos,$SUFFIX +dn: uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX changetype: add objectclass: account objectclass: simplesecurityobject uid: kdc userPassword: $PASSWORD +#kerberos base object +dn: cn=kerberos,$SUFFIX +changetype: add +objectClass: krbContainer +objectClass: top +cn: kerberos +aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow (all) userdn= "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";) + #sasl mapping -dn: cn=kerberos,cn=mapping,cn=sasl,cn=config +dn: cn=Full Principal,cn=mapping,cn=sasl,cn=config changetype: add objectclass: top objectclass: nsSaslMapping -cn: kerberos +cn: Full Principal nsSaslMapRegexString: \(.*\)@\(.*\) nsSaslMapBaseDNTemplate: $SUFFIX nsSaslMapFilterTemplate: (krbPrincipalName=\1@\2) +dn: cn=Name Only,cn=mapping,cn=sasl,cn=config +changetype: add +objectclass: top +objectclass: nsSaslMapping +cn: Name Only +nsSaslMapRegexString: \(.*\) +nsSaslMapBaseDNTemplate: $SUFFIX +nsSaslMapFilterTemplate: (krbPrincipalName=\1@$REALM) + |