diff options
Diffstat (limited to 'install')
| -rw-r--r-- | install/share/Makefile.am | 1 | ||||
| -rw-r--r-- | install/share/delegation.ldif | 12 | ||||
| -rw-r--r-- | install/share/replica-acis.ldif | 11 |
3 files changed, 12 insertions, 12 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index f9cc980d8..b3673180d 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -17,6 +17,7 @@ app_DATA = \ default-keytypes.ldif \ default-pwpolicy.ldif \ delegation.ldif \ + replica-acis.ldif \ ds-nfiles.ldif \ dns.ldif \ kerberos.ldif \ diff --git a/install/share/delegation.ldif b/install/share/delegation.ldif index 69050dfee..1399c7c8c 100644 --- a/install/share/delegation.ldif +++ b/install/share/delegation.ldif @@ -592,18 +592,6 @@ changetype: modify add: aci aci: (targetattr = "enrolledby || objectclass")(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Enroll a host";allow (write) groupdn = "ldap:///cn=enroll_host,cn=permissions,cn=accounts,$SUFFIX";) -# Replica administration - -dn: cn="$SUFFIX",cn=mapping tree,cn=config -changetype: modify -add: aci -aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5Replica)(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0; acl "Manage Replication Agreements"; allow (read, write, search) groupdn = "ldap:///cn=managereplica,cn=permissions,cn=accounts,$SUFFIX";) - -dn: cn="$SUFFIX",cn=mapping tree,cn=config -changetype: modify -add: aci -aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0;acl "Delete Replication Agreements";allow (delete) groupdn = "ldap:///cn=deletereplica,cn=permissions,cn=accounts,$SUFFIX";) - # Entitlement administration dn: $SUFFIX diff --git a/install/share/replica-acis.ldif b/install/share/replica-acis.ldif new file mode 100644 index 000000000..5ee65dacb --- /dev/null +++ b/install/share/replica-acis.ldif @@ -0,0 +1,11 @@ +# Replica administration + +dn: cn="$SUFFIX",cn=mapping tree,cn=config +changetype: modify +add: aci +aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5Replica)(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0; acl "Manage Replication Agreements"; allow (read, write, search) groupdn = "ldap:///cn=managereplica,cn=permissions,cn=accounts,$SUFFIX";) + +dn: cn="$SUFFIX",cn=mapping tree,cn=config +changetype: modify +add: aci +aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0;acl "Delete Replication Agreements";allow (delete) groupdn = "ldap:///cn=deletereplica,cn=permissions,cn=accounts,$SUFFIX";) |