summaryrefslogtreecommitdiffstats
path: root/ipa-server/ipa-install/share/kerberos.ldif
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-server/ipa-install/share/kerberos.ldif')
-rw-r--r--ipa-server/ipa-install/share/kerberos.ldif31
1 files changed, 20 insertions, 11 deletions
diff --git a/ipa-server/ipa-install/share/kerberos.ldif b/ipa-server/ipa-install/share/kerberos.ldif
index ae4564f6f..d55f39ce4 100644
--- a/ipa-server/ipa-install/share/kerberos.ldif
+++ b/ipa-server/ipa-install/share/kerberos.ldif
@@ -1,26 +1,35 @@
-#kerberos base object
-dn: cn=kerberos,$SUFFIX
-changetype: add
-objectClass: krbContainer
-objectClass: top
-cn: kerberos
-aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow(all)userdn= "ldap:///uid=kdc,cn=kerberos,$SUFFIX";)
-
#kerberos user
-dn: uid=kdc,cn=kerberos,$SUFFIX
+dn: uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: kdc
userPassword: $PASSWORD
+#kerberos base object
+dn: cn=kerberos,$SUFFIX
+changetype: add
+objectClass: krbContainer
+objectClass: top
+cn: kerberos
+aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow (all) userdn= "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";)
+
#sasl mapping
-dn: cn=kerberos,cn=mapping,cn=sasl,cn=config
+dn: cn=Full Principal,cn=mapping,cn=sasl,cn=config
changetype: add
objectclass: top
objectclass: nsSaslMapping
-cn: kerberos
+cn: Full Principal
nsSaslMapRegexString: \(.*\)@\(.*\)
nsSaslMapBaseDNTemplate: $SUFFIX
nsSaslMapFilterTemplate: (krbPrincipalName=\1@\2)
+dn: cn=Name Only,cn=mapping,cn=sasl,cn=config
+changetype: add
+objectclass: top
+objectclass: nsSaslMapping
+cn: Name Only
+nsSaslMapRegexString: \(.*\)
+nsSaslMapBaseDNTemplate: $SUFFIX
+nsSaslMapFilterTemplate: (krbPrincipalName=\1@$REALM)
+
generated by cgit (git 2.34.1) at 2024-06-18 10:49:37 +0000