Added some attributes to Modify Users permission

Added 'employeenumber', 'departmentnumber' and 'mail' to Modify Users permission https://fedorahosted.org/freeipa/ticket/5911#comment:2 Reviewed-By: Martin Basti <mbasti@redhat.com>
author: Stanislav Laznicka <slaznick@redhat.com> 2016-05-27 13:27:03 +0200
committer: Martin Basti <mbasti@redhat.com> 2016-05-29 14:13:12 +0200
commit: 1ce63e6193701679f539f7c83ddee9f65056b806 (patch)
tree: 0132f4ac9ecbf427e381100f9bfd01bb51632932 /ACI.txt
parent: 4bafba06f2b8cc51cd95a725e1c8adf7bbf9a5fc (diff)
download: freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.tar.gz
freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.tar.xz
freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ACI.txt b/ACI.txt
index ae00cf7a1..01234e434 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -313,7 +313,7 @@ aci: (targetattr = "usercertificate")(targetfilter = "(objectclass=posixaccount)
 dn: cn=users,cn=accounts,dc=ipa,dc=example
 aci: (targetattr = "ipasshpubkey")(targetfilter = "(objectclass=posixaccount)")(version 3.0;acl "permission:System: Manage User SSH Public Keys";allow (write) groupdn = "ldap:///cn=System: Manage User SSH Public Keys,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: cn=users,cn=accounts,dc=ipa,dc=example
-aci: (targetattr = "businesscategory || carlicense || cn || description || displayname || employeetype || facsimiletelephonenumber || gecos || givenname || homephone || inetuserhttpurl || initials || l || labeleduri || loginshell || manager || mepmanagedentry || mobile || objectclass || ou || pager || postalcode || preferredlanguage || roomnumber || secretary || seealso || sn || st || street || telephonenumber || title || userclass")(targetfilter = "(objectclass=posixaccount)")(version 3.0;acl "permission:System: Modify Users";allow (write) groupdn = "ldap:///cn=System: Modify Users,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "businesscategory || carlicense || cn || departmentnumber || description || displayname || employeenumber || employeetype || facsimiletelephonenumber || gecos || givenname || homephone || inetuserhttpurl || initials || l || labeleduri || loginshell || mail || manager || mepmanagedentry || mobile || objectclass || ou || pager || postalcode || preferredlanguage || roomnumber || secretary || seealso || sn || st || street || telephonenumber || title || userclass")(targetfilter = "(objectclass=posixaccount)")(version 3.0;acl "permission:System: Modify Users";allow (write) groupdn = "ldap:///cn=System: Modify Users,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,dc=ipa,dc=example
 aci: (targetattr = "*")(target = "ldap:///cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,dc=ipa,dc=example")(version 3.0;acl "permission:System: Read UPG Definition";allow (compare,read,search) groupdn = "ldap:///cn=System: Read UPG Definition,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: cn=users,cn=accounts,dc=ipa,dc=example
author	Stanislav Laznicka <slaznick@redhat.com>	2016-05-27 13:27:03 +0200
committer	Martin Basti <mbasti@redhat.com>	2016-05-29 14:13:12 +0200
commit	1ce63e6193701679f539f7c83ddee9f65056b806 (patch)
tree	0132f4ac9ecbf427e381100f9bfd01bb51632932 /ACI.txt
parent	4bafba06f2b8cc51cd95a725e1c8adf7bbf9a5fc (diff)
download	freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.tar.gz freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.tar.xz freeipa-1ce63e6193701679f539f7c83ddee9f65056b806.zip