authorEndi S. Dewata <edewata@redhat.com>2013-05-16 13:06:14 -0500
committerEndi S. Dewata <edewata@redhat.com>2013-06-10 13:35:22 -0400
commit0812c8d7583250d9ccbfbc3439083d1d2296b2f5 (patch)
treeed22e7a39a37ee87a36257170b00da7db11eca54 /base/tps/shared/conf/manager.ldif
parente4656ce3f71f5cc0ba124ed5082a264e2689140b (diff)
Added Tomcat-based TPS instance.
The build and deployment tools have been modified to support creating a basic Tomcat instance to run TPS. New configuration and template files for TPS have been copied from another Tomcat subsystem. The TPS functionality itself will be added in future patches. Ticket #526
Diffstat (limited to 'base/tps/shared/conf/manager.ldif')
-rw-r--r--base/tps/shared/conf/manager.ldif46
1 files changed, 46 insertions, 0 deletions
diff --git a/base/tps/shared/conf/manager.ldif b/base/tps/shared/conf/manager.ldif
new file mode 100644
index 000000000..18700dd4b
--- /dev/null
+++ b/base/tps/shared/conf/manager.ldif
@@ -0,0 +1,46 @@
+# acis for cert manager
+
+dn: ou=csusers,cn=config
+objectClass: top
+objectClass: organizationalUnit
+ou: csusers
+
+dn: {rootSuffix}
+changetype: modify
+add: aci
+aci: (targetattr=*)(version 3.0; acl "cert manager access v2"; allow (all) userdn = "ldap:///{dbuser}";)
+
+dn: cn=ldbm database,cn=plugins,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(version 3.0; acl "Cert Manager access for VLV searches"; allow (read) userdn="ldap:///{dbuser}";)
+
+dn: cn=config
+changetype: modify
+add: aci
+aci: (targetattr != aci)(version 3.0; aci "cert manager read access"; allow (read, search, compare) userdn = "ldap:///{dbuser}";)
+
+dn: ou=csusers,cn=config
+changetype: modify
+add: aci
+aci: (targetattr != aci)(version 3.0; aci "cert manager manage replication users"; allow (all) userdn = "ldap:///{dbuser}";)
+
+dn: cn="{rootSuffix}",cn=mapping tree,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(version 3.0;acl "cert manager: Add Replication Agreements";allow (add) userdn = "ldap:///{dbuser}";)
+
+dn: cn="{rootSuffix}",cn=mapping tree,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5Replica)(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement)(objectClass=nsMappingTree))")(version 3.0; acl "cert manager: Modify Replication Agreements"; allow (read, write, search) userdn = "ldap:///{dbuser}";)
+
+dn: cn="{rootSuffix}",cn=mapping tree,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0;acl "cert manager: Remove Replication Agreements";allow (delete) userdn = "ldap:///{dbuser}";)
+
+dn: cn=tasks,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(version 3.0; acl "cert manager: Run tasks after replica re-initialization"; allow (add) userdn = "ldap:///{dbuser}";)
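Review bot: The ACIs added on `cn=config` and `ou=csusers,cn=config` use `(targetattr != aci)`, which grants `{dbuser}` every attribute except `aci`, including operational ones and any added later; on `cn=config` the read/search/compare grant presumably reaches sensitive server settings such as the stored Directory Manager password hash and replication credentials. An explicit allow-list of the form `(targetattr = "ATTR1 || ATTR2")` (placeholder names, to be replaced with the attributes the subsystem actually reads) would keep the grant to least privilege. The same two lines spell the name keyword `aci "..."` where the other six entries use `acl "..."`; the documented keyword is `acl`, so either confirm the server accepts the variant or normalise it. The header comment still reads `# acis for cert manager` although the file ships under `base/tps`; a line saying that `{rootSuffix}` and `{dbuser}` are placeholders, and which tool substitutes them, would help whoever audits these grants.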