From 6a5c4763afad6fec2b49ffadbca9628a7ed162d5 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Thu, 11 Nov 2010 18:15:28 -0500
Subject: id ranges: change DNA configuration

Change the way we specify the id ranges to force uid and gid ranges to always
be the same. Add option to specify a maximum id.

Change DNA configuration to use shared ranges so that masters and replicas can
actually share the same overall range in a safe way.

Configure replicas so that their default range is depleted. This will force
them to fetch a range portion from the master on the first install.

fixes: https://fedorahosted.org/freeipa/ticket/198
---
 install/share/dna.ldif | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 install/share/dna.ldif

(limited to 'install/share/dna.ldif')

diff --git a/install/share/dna.ldif b/install/share/dna.ldif
new file mode 100644
index 00000000..5707d3a6
--- /dev/null
+++ b/install/share/dna.ldif
@@ -0,0 +1,17 @@
+# add plugin configuration for user private groups
+
+dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
+changetype: add
+objectclass: top
+objectclass: extensibleObject
+cn: Posix IDs
+dnaType: uidNumber
+dnaType: gidNumber
+dnaNextValue: eval($IDSTART)
+dnaMaxValue: eval($IDMAX)
+dnaMagicRegen: 999
+dnaFilter: (|(objectclass=posixAccount)(objectClass=posixGroup))
+dnaScope: $SUFFIX
+dnaThreshold: 500
+dnaSharedCfgDN: cn=posix-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
+
-- 
cgit