diff options
author | Petr Viktorin <pviktori@redhat.com> | 2013-01-08 04:10:35 -0500 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-03-11 17:07:07 +0100 |
commit | 91606e6679f3a18b1c1789efd240eed982a563d4 (patch) | |
tree | a002e8fbc837058f6c1d9178cbefadcd03b7d6f2 /daemons | |
parent | 8d432353cc1e66b235e928650764f879c24d19f7 (diff) | |
download | freeipa.git-91606e6679f3a18b1c1789efd240eed982a563d4.tar.gz freeipa.git-91606e6679f3a18b1c1789efd240eed982a563d4.tar.xz freeipa.git-91606e6679f3a18b1c1789efd240eed982a563d4.zip |
Change DNA magic value to -1 to make UID 999 usable
Change user-add's uid & gid parameters from autofill to optional.
Change the DNA magic value to -1.
For old clients, which will still send 999 when they want DNA
assignment, translate the 999 to -1. This is done via a new
capability, optional_uid_params.
Tests included
https://fedorahosted.org/freeipa/ticket/2886
Diffstat (limited to 'daemons')
-rw-r--r-- | daemons/ipa-sam/ipa_sam.c | 2 | ||||
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/daemons/ipa-sam/ipa_sam.c b/daemons/ipa-sam/ipa_sam.c index b9fc00c8..dd3ad617 100644 --- a/daemons/ipa-sam/ipa_sam.c +++ b/daemons/ipa-sam/ipa_sam.c @@ -101,7 +101,7 @@ bool secrets_store(const char *key, const void *data, size_t size); /* available #define IPA_KEYTAB_SET_OID "2.16.840.1.113730.3.8.10.1" #define IPA_KEYTAB_SET_OID_OLD "2.16.840.1.113730.3.8.3.1" -#define IPA_MAGIC_ID_STR "999" +#define IPA_MAGIC_ID_STR "-1" #define LDAP_ATTRIBUTE_CN "cn" #define LDAP_ATTRIBUTE_UID "uid" diff --git a/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif index b646c2b1..08b43277 100644 --- a/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif +++ b/daemons/ipa-slapi-plugins/ipa-winsync/ipa-winsync-conf.ldif @@ -24,5 +24,5 @@ ipaWinSyncDefaultGroupAttr: ipaDefaultPrimaryGroup ipaWinSyncDefaultGroupFilter: (gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames) ipaWinSyncAcctDisable: both ipaWinSyncForceSync: true -ipaWinSyncUserAttr: uidNumber 999 -ipaWinSyncUserAttr: gidNumber 999 +ipaWinSyncUserAttr: uidNumber -1 +ipaWinSyncUserAttr: gidNumber -1 |