diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-02-15 11:16:52 -0500 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-02-15 18:00:46 +0100 |
| commit | 1df314d3bf6d0e1538e2d2da86daa4aa732113f0 (patch) | |
| tree | 66e40598806b79043b30c5702224f0f92691d4af | |
| parent | 08413612d485b02294c3bf570fd167a340f11ac9 (diff) | |
| download | freeipa-1df314d3bf6d0e1538e2d2da86daa4aa732113f0.tar.gz freeipa-1df314d3bf6d0e1538e2d2da86daa4aa732113f0.tar.xz freeipa-1df314d3bf6d0e1538e2d2da86daa4aa732113f0.zip | |
Add S4U2Proxy delegation permissions on upgrades
https://fedorahosted.org/freeipa/ticket/2396
| -rw-r--r-- | install/updates/30-s4u2proxy.update | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/install/updates/30-s4u2proxy.update b/install/updates/30-s4u2proxy.update index 15c3f6165..392afed6f 100644 --- a/install/updates/30-s4u2proxy.update +++ b/install/updates/30-s4u2proxy.update @@ -16,3 +16,9 @@ default: objectClass: groupOfPrincipals default: objectClass: top default: cn: ipa-ldap-delegation-targets default: memberPrincipal: ldap/$FQDN@$REALM + +dn: cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX +add: memberPrincipal: HTTP/$FQDN@$REALM + +dn: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX +add: memberPrincipal: ldap/$FQDN@$REALM |