From 383492866e1c29110e8727ee81cf6dd5e110ab20 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 8 Oct 2009 16:48:04 -0400 Subject: Fix ACI for host delegation We had changed the DN format, I must have missed these ACIs the first go around. --- install/updates/40-delegation.update | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'install/updates') diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update index 079a9f8b5..b07dfc756 100644 --- a/install/updates/40-delegation.update +++ b/install/updates/40-delegation.update @@ -216,10 +216,10 @@ add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX' # Add the ACIs that grant these permissions for host administration dn: $SUFFIX -add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version +add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Add Hosts";allow (add) groupdn = "ldap:///cn=addhosts,cn=taskgroups ,cn=accounts,$SUFFIX";)' -add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version +add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Remove Hosts";allow (delete) groupdn = "ldap:///cn=removehosts,cn= taskgroups,cn=accounts,$SUFFIX";)' add:aci: '(targetattr = "cn || description || l || location || -- cgit