summaryrefslogtreecommitdiffstats
path: root/install/updates/73-certmap.update
diff options
context:
space:
mode:
Diffstat (limited to 'install/updates/73-certmap.update')
-rw-r--r--install/updates/73-certmap.update23
1 files changed, 23 insertions, 0 deletions
diff --git a/install/updates/73-certmap.update b/install/updates/73-certmap.update
new file mode 100644
index 000000000..ecb3db353
--- /dev/null
+++ b/install/updates/73-certmap.update
@@ -0,0 +1,23 @@
+# Configuration for Certificate Identity Mapping
+dn: cn=certmap,$SUFFIX
+default:objectclass: top
+default:objectclass: nsContainer
+default:objectclass: ipaCertMapConfigObject
+default:cn: certmap
+default:ipaCertMapPromptUsername: FALSE
+
+dn: cn=certmaprules,cn=certmap,$SUFFIX
+default:objectclass: top
+default:objectclass: nsContainer
+default:cn: certmaprules
+
+# Certificate Identity Mapping Administrators
+dn: cn=Certificate Identity Mapping Administrators,cn=privileges,cn=pbac,$SUFFIX
+default:objectClass: top
+default:objectClass: groupofnames
+default:objectClass: nestedgroup
+default:cn: Certificate Identity Mapping Administrators
+default:description: Certificate Identity Mapping Administrators
+
+dn: $SUFFIX
+add:aci: (targetattr = "ipacertmapdata")(targattrfilters="add=objectclass:(objectclass=ipacertmapobject)")(version 3.0;acl "selfservice:Users can manage their own X.509 certificate identity mappings";allow (write) userdn = "ldap:///self";)
generated by cgit (git 2.34.1) at 2024-05-28 01:27:10 +0000