From 4cb2c2813d5787f8ebee6eba2ea0be756507b58b Mon Sep 17 00:00:00 2001 From: Nathaniel McCallum Date: Mon, 11 Nov 2013 17:58:02 -0400 Subject: Add RADIUS proxy support to ipalib CLI https://fedorahosted.org/freeipa/ticket/3368 --- install/updates/20-indices.update | 7 +++++++ install/updates/25-referint.update | 1 + install/updates/40-otp.update | 5 +++++ 3 files changed, 13 insertions(+) (limited to 'install/updates') diff --git a/install/updates/20-indices.update b/install/updates/20-indices.update index b966a4f7c..5ff6d713d 100644 --- a/install/updates/20-indices.update +++ b/install/updates/20-indices.update @@ -136,3 +136,10 @@ default:ObjectClass: top default:ObjectClass: nsIndex default:nsSystemIndex: false default:nsIndexType: eq + +dn: cn=ipatokenradiusconfiglink,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config +default:cn: ipatokenradiusconfiglink +default:ObjectClass: top +default:ObjectClass: nsIndex +default:nsSystemIndex: false +only:nsIndexType: eq,pres,sub diff --git a/install/updates/25-referint.update b/install/updates/25-referint.update index 54f3492fa..65af05128 100644 --- a/install/updates/25-referint.update +++ b/install/updates/25-referint.update @@ -11,3 +11,4 @@ add: nsslapd-pluginArg14: memberallowcmd add: nsslapd-pluginArg15: memberdenycmd add: nsslapd-pluginArg16: ipasudorunas add: nsslapd-pluginArg17: ipasudorunasgroup +add: nsslapd-pluginArg18: ipatokenradiusconfiglink diff --git a/install/updates/40-otp.update b/install/updates/40-otp.update index ff36c87a6..83dfab7c0 100644 --- a/install/updates/40-otp.update +++ b/install/updates/40-otp.update @@ -7,3 +7,8 @@ dn: $SUFFIX add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "objectclass || ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can read basic token info"; allow (read, search, compare) userattr = "ipatokenOwner#USERDN";)' add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can write basic token info"; allow (write) userattr = "ipatokenOwner#USERDN";)' add: aci:'(targetfilter = "(objectClass=ipatokenTOTP)")(targetattrs = "ipatokenOTPkey || ipatokenOTPalgorithm || ipatokenOTPdigits || ipatokenTOTPclockOffset || ipatokenTOTPtimeStep")(version 3.0; acl "Users can add TOTP token secrets"; allow (write, search) userattr = "ipatokenOwner#USERDN";)' + +dn: cn=radiusproxy,$SUFFIX +default: objectClass: nsContainer +default: objectClass: top +default: cn: radiusproxy -- cgit