diff options
| -rw-r--r-- | install/share/Makefile.am | 1 | ||||
| -rw-r--r-- | install/share/modrdn-krbprinc.ldif | 11 | ||||
| -rw-r--r-- | ipaserver/install/dsinstance.py | 5 |
3 files changed, 17 insertions, 0 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index a46ba36f..e5fd64d1 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -41,6 +41,7 @@ app_DATA = \ wsgi.py \ user_private_groups.ldif \ uuid-ipauniqueid.ldif \ + modrdn-krbprinc.ldif \ $(NULL) EXTRA_DIST = \ diff --git a/install/share/modrdn-krbprinc.ldif b/install/share/modrdn-krbprinc.ldif new file mode 100644 index 00000000..b35ea25f --- /dev/null +++ b/install/share/modrdn-krbprinc.ldif @@ -0,0 +1,11 @@ +# add plugin configuration for ipauniqueid +dn: cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config +changetype: add +objectclass: top +objectclass: extensibleObject +cn: Kerberos Principal Name +ipaModRDNsourceAttr: uid +ipaModRDNtargetAttr: krbPrincipalName +ipaModRDNsuffix: @$REALM +ipaModRDNfilter: (&(objectclass=posixaccount)(objectclass=krbPrincipalAux)) +ipaModRDNscope: $SUFFIX diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 5941158d..26cf3d3b 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -213,6 +213,7 @@ class DsInstance(service.Service): self.step("enabling ldapi", self.__enable_ldapi) self.step("configuring uniqueness plugin", self.__set_unique_attrs) self.step("configuring uuid plugin", self.__config_uuid_module) + self.step("configuring modrdn plugin", self.__config_modrdn_module) self.step("creating indices", self.__create_indices) self.step("configuring ssl for ds instance", self.__enable_ssl) self.step("configuring certmap.conf", self.__certmap_conf) @@ -390,6 +391,10 @@ class DsInstance(service.Service): self._ldap_mod("uuid-conf.ldif") self._ldap_mod("uuid-ipauniqueid.ldif", self.sub_dict) + def __config_modrdn_module(self): + self._ldap_mod("modrdn-conf.ldif") + self._ldap_mod("modrdn-krbprinc.ldif", self.sub_dict) + def __user_private_groups(self): if has_managed_entries(self.fqdn, self.dm_password): self._ldap_mod("user_private_groups.ldif", self.sub_dict) |