diff options
author | Simo Sorce <ssorce@redhat.com> | 2007-08-29 18:07:05 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2007-08-29 18:07:05 -0400 |
commit | bebc413366506f4d19d98c8bb33041094beff117 (patch) | |
tree | 009e7501675903886d6b24c903a4fb8799063aa9 /ipa-server/ipa-install/share/kerberos.ldif | |
parent | 46eeca740ee4d66bfd4f062896220dfb5527f5b6 (diff) | |
download | freeipa-bebc413366506f4d19d98c8bb33041094beff117.tar.gz freeipa-bebc413366506f4d19d98c8bb33041094beff117.tar.xz freeipa-bebc413366506f4d19d98c8bb33041094beff117.zip |
Finalize DIT, this is waht we are probably going to have in the end,
or something very close to this one
Add default groups and admin user
TODO: need to discuss more in deep uid/gid generation, this will
probably change as soon as the DNA plugin is activated
Diffstat (limited to 'ipa-server/ipa-install/share/kerberos.ldif')
-rw-r--r-- | ipa-server/ipa-install/share/kerberos.ldif | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/ipa-server/ipa-install/share/kerberos.ldif b/ipa-server/ipa-install/share/kerberos.ldif index ae4564f6f..0ffc2bba0 100644 --- a/ipa-server/ipa-install/share/kerberos.ldif +++ b/ipa-server/ipa-install/share/kerberos.ldif @@ -1,26 +1,35 @@ -#kerberos base object -dn: cn=kerberos,$SUFFIX -changetype: add -objectClass: krbContainer -objectClass: top -cn: kerberos -aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow(all)userdn= "ldap:///uid=kdc,cn=kerberos,$SUFFIX";) - #kerberos user -dn: uid=kdc,cn=kerberos,$SUFFIX +dn: uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX changetype: add objectclass: account objectclass: simplesecurityobject uid: kdc userPassword: $PASSWORD +#kerberos base object +dn: cn=kerberos,$SUFFIX +changetype: add +objectClass: krbContainer +objectClass: top +cn: kerberos +aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow (all) userdn= "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";) + #sasl mapping -dn: cn=kerberos,cn=mapping,cn=sasl,cn=config +dn: cn=fullprinc,cn=mapping,cn=sasl,cn=config changetype: add objectclass: top objectclass: nsSaslMapping -cn: kerberos +cn: fullprinc nsSaslMapRegexString: \(.*\)@\(.*\) nsSaslMapBaseDNTemplate: $SUFFIX nsSaslMapFilterTemplate: (krbPrincipalName=\1@\2) +dn: cn=justname,cn=mapping,cn=sasl,cn=config +changetype: add +objectclass: top +objectclass: nsSaslMapping +cn: justname +nsSaslMapRegexString: \(.*\) +nsSaslMapBaseDNTemplate: $SUFFIX +nsSaslMapFilterTemplate: (krbPrincipalName=\1@$REALM) + |