From 1a20d754216bafb82aa40ea584c7de7c9a5b0b07 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Wed, 1 Dec 2010 17:48:41 -0500 Subject: Set labels on all attributes in the config object. Make the cert subject base read-only. This is here only so replicated servers know their base. ticket 466 --- install/share/default-aci.ldif | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'install/share/default-aci.ldif') diff --git a/install/share/default-aci.ldif b/install/share/default-aci.ldif index 423922754..d725cd5c1 100644 --- a/install/share/default-aci.ldif +++ b/install/share/default-aci.ldif @@ -18,7 +18,7 @@ changetype: modify add: aci aci: (targetattr = "givenName || sn || cn || displayName || title || initials || loginShell || gecos || homePhone || mobile || pager || facsimileTelephoneNumber || telephoneNumber || street || roomNumber || l || st || postalCode || manager || secretary || description || carLicense || labeledURI || inetUserHTTPURL || seeAlso || employeeType || businessCategory || ou")(version 3.0;acl "Self service";allow (write) userdn = "ldap:///self";) -dn: cn=ipaConfig,cn=etc,$SUFFIX +dn: cn=etc,$SUFFIX changetype: modify add: aci aci: (targetfilter = "(objectClass=ipaGuiConfig)")(targetattr != "aci")(version 3.0;acl "Admins can change GUI config"; allow (read, search, compare, write) groupdn = "ldap:///cn=admins,cn=groups,cn=accounts,$SUFFIX";) -- cgit