Add S4U2Proxy delegation permissions on upgrades

https://fedorahosted.org/freeipa/ticket/2396
author: Rob Crittenden <rcritten@redhat.com> 2012-02-15 11:16:52 -0500
committer: Martin Kosek <mkosek@redhat.com> 2012-02-15 18:01:04 +0100
commit: ba84130bb3367834979fd54940ec9443f14ab8c7 (patch)
tree: 06d7c2970e7593924f2da50e72b5e8440e93211d
parent: 3357fa3c41430b14713c60a13ad43afcea04dd7d (diff)
download: freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.tar.gz
freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.tar.xz
freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/install/updates/30-s4u2proxy.update b/install/updates/30-s4u2proxy.update
index 15c3f616..392afed6 100644
--- a/install/updates/30-s4u2proxy.update
+++ b/install/updates/30-s4u2proxy.update
@@ -16,3 +16,9 @@ default: objectClass: groupOfPrincipals
 default: objectClass: top
 default: cn: ipa-ldap-delegation-targets
 default: memberPrincipal: ldap/$FQDN@$REALM
+
+dn: cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX
+add: memberPrincipal: HTTP/$FQDN@$REALM
+
+dn: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX
+add: memberPrincipal: ldap/$FQDN@$REALM
author	Rob Crittenden <rcritten@redhat.com>	2012-02-15 11:16:52 -0500
committer	Martin Kosek <mkosek@redhat.com>	2012-02-15 18:01:04 +0100
commit	ba84130bb3367834979fd54940ec9443f14ab8c7 (patch)
tree	06d7c2970e7593924f2da50e72b5e8440e93211d
parent	3357fa3c41430b14713c60a13ad43afcea04dd7d (diff)
download	freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.tar.gz freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.tar.xz freeipa.git-ba84130bb3367834979fd54940ec9443f14ab8c7.zip