From 8f082f2d4f03b66cbd8548c0900111f8d2df799b Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 23 May 2008 15:41:44 -0400 Subject: Now that admin is in the common users tree make the nss_ldap configuration look at the specific tree where users are and not search the full server. --- ipa-client/ipa-install/ipa-client-install | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ipa-client') diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 17dd15a5d..b096d9b99 100644 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -232,8 +232,8 @@ def main(): {'name':'ldap_version', 'type':'option', 'value':'3'}, {'name':'base', 'type':'option', 'value':cli_basedn}, {'name':'empty', 'type':'empty'}, - {'name':'nss_base_passwd', 'type':'option', 'value':cli_basedn+'?sub'}, - {'name':'nss_base_group', 'type':'option', 'value':cli_basedn+'?sub'}, + {'name':'nss_base_passwd', 'type':'option', 'value':'cn=users,cn=accounts,'+cli_basedn+'?sub'}, + {'name':'nss_base_group', 'type':'option', 'value':'cn=groups,cn=accounts,'+cli_basedn+'?sub'}, {'name':'nss_schema', 'type':'option', 'value':'rfc2307bis'}, {'name':'nss_map_attribute', 'type':'option', 'value':'uniqueMember member'}, {'name':'nss_initgroups_ignoreusers', 'type':'option', 'value':'root,dirsrv'}, -- cgit