Added DS scripts.

author: Endi S. Dewata <edewata@redhat.com> 2017-07-20 07:28:26 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2017-07-20 07:28:26 +0200
commit: d2cc01d76e69f8d3602c5181263b95cbcd1c79a3 (patch)
tree: 7b136f1a76e2e808bc48332283054d9f05d4863d /scripts/ds-insecure-disable.sh
parent: c23e0e44df69e44cb21c0e564ff1a7e2a7b67fd5 (diff)
download: pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.tar.gz
pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.tar.xz
pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.zip
1 files changed, 19 insertions, 0 deletions
diff --git a/scripts/ds-insecure-disable.sh b/scripts/ds-insecure-disable.sh
new file mode 100755
index 0000000..ec2b4d5
--- /dev/null
+++ b/scripts/ds-insecure-disable.sh
@@ -0,0 +1,19 @@
+#!/bin/sh -x
+
+# disable insecure connection
+LDAPTLS_CACERT=$HOSTNAME.crt \
+    ldapmodify -H ldaps://$HOSTNAME:636 -x -D "cn=Directory Manager" -w Secret123 << EOF
+dn: cn=config
+changetype: modify
+replace: nsslapd-allow-anonymous-access
+nsslapd-allow-anonymous-access: rootdse
+-
+replace: nsslapd-minssf
+nsslapd-minssf: 56
+-
+replace: nsslapd-require-secure-binds
+nsslapd-require-secure-binds: on
+-
+EOF
+
+systemctl restart dirsrv@pki-tomcat.service
author	Endi S. Dewata <edewata@redhat.com>	2017-07-20 07:28:26 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2017-07-20 07:28:26 +0200
commit	d2cc01d76e69f8d3602c5181263b95cbcd1c79a3 (patch)
tree	7b136f1a76e2e808bc48332283054d9f05d4863d /scripts/ds-insecure-disable.sh
parent	c23e0e44df69e44cb21c0e564ff1a7e2a7b67fd5 (diff)
download	pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.tar.gz pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.tar.xz pki-dev-d2cc01d76e69f8d3602c5181263b95cbcd1c79a3.zip