2007-08-29 17:07:05 -05:00
|
|
|
dn: cn=accounts,$SUFFIX
|
2007-06-28 18:09:54 -05:00
|
|
|
changetype: add
|
0000-12-31 18:09:24 -05:50
|
|
|
objectClass: top
|
2007-08-29 17:07:05 -05:00
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: accounts
|
0000-12-31 18:09:24 -05:50
|
|
|
|
2007-08-29 17:07:05 -05:00
|
|
|
dn: cn=users,cn=accounts,$SUFFIX
|
2007-06-28 18:09:54 -05:00
|
|
|
changetype: add
|
0000-12-31 18:09:24 -05:50
|
|
|
objectClass: top
|
2007-08-29 17:07:05 -05:00
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: users
|
0000-12-31 18:09:24 -05:50
|
|
|
|
2007-08-31 17:36:54 -05:00
|
|
|
dn: cn=groups,cn=accounts,$SUFFIX
|
2007-06-28 18:09:54 -05:00
|
|
|
changetype: add
|
0000-12-31 18:09:24 -05:50
|
|
|
objectClass: top
|
2007-08-29 17:07:05 -05:00
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: groups
|
0000-12-31 18:09:24 -05:50
|
|
|
|
0000-12-31 18:09:24 -05:50
|
|
|
dn: cn=services,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: services
|
0000-12-31 18:09:24 -05:50
|
|
|
|
2007-11-30 15:58:02 -06:00
|
|
|
dn: cn=computers,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: computers
|
|
|
|
|
|
2010-12-13 12:23:04 -06:00
|
|
|
dn: cn=hostgroups,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: hostgroups
|
|
|
|
|
|
2018-12-07 06:08:49 -06:00
|
|
|
dn: cn=ipservices,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: ipservices
|
|
|
|
|
|
2010-12-13 12:23:04 -06:00
|
|
|
dn: cn=alt,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: alt
|
|
|
|
|
|
|
|
|
|
dn: cn=ng,cn=alt,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: ng
|
|
|
|
|
|
|
|
|
|
dn: cn=automount,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: automount
|
|
|
|
|
|
|
|
|
|
dn: cn=default,cn=automount,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: default
|
|
|
|
|
|
|
|
|
|
dn: automountmapname=auto.master,cn=default,cn=automount,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: automountMap
|
|
|
|
|
automountMapName: auto.master
|
|
|
|
|
|
|
|
|
|
dn: automountmapname=auto.direct,cn=default,cn=automount,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: automountMap
|
|
|
|
|
automountMapName: auto.direct
|
|
|
|
|
|
2010-12-19 13:23:16 -06:00
|
|
|
dn: description=/- auto.direct,automountmapname=auto.master,cn=default,cn=automount,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: automount
|
|
|
|
|
automountKey: /-
|
|
|
|
|
automountInformation: auto.direct
|
2010-12-19 13:23:16 -06:00
|
|
|
description: /- auto.direct
|
2010-12-13 12:23:04 -06:00
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=hbac,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: hbac
|
|
|
|
|
|
|
|
|
|
dn: cn=hbacservices,cn=hbac,$SUFFIX
|
2010-05-14 08:37:54 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: hbacservices
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=hbacservicegroups,cn=hbac,$SUFFIX
|
2010-05-14 08:37:54 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: hbacservicegroups
|
|
|
|
|
|
2011-01-14 14:27:56 -06:00
|
|
|
dn: cn=sudo,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: sudo
|
|
|
|
|
|
|
|
|
|
dn: cn=sudocmds,cn=sudo,$SUFFIX
|
2010-09-27 15:51:28 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: sudocmds
|
|
|
|
|
|
2011-01-14 14:27:56 -06:00
|
|
|
dn: cn=sudocmdgroups,cn=sudo,$SUFFIX
|
2010-09-27 15:51:28 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: sudocmdgroups
|
|
|
|
|
|
2011-01-14 14:27:56 -06:00
|
|
|
dn: cn=sudorules,cn=sudo,$SUFFIX
|
2009-09-30 09:24:25 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
2011-01-14 14:27:56 -06:00
|
|
|
cn: sudorules
|
2009-09-30 09:24:25 -05:00
|
|
|
|
2007-08-29 17:07:05 -05:00
|
|
|
dn: cn=etc,$SUFFIX
|
2007-08-06 09:05:53 -05:00
|
|
|
changetype: add
|
2007-08-29 17:07:05 -05:00
|
|
|
objectClass: nsContainer
|
2007-08-06 09:05:53 -05:00
|
|
|
objectClass: top
|
2007-08-29 17:07:05 -05:00
|
|
|
cn: etc
|
2007-08-06 09:05:53 -05:00
|
|
|
|
2016-05-12 03:54:20 -05:00
|
|
|
dn: cn=locations,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: locations
|
|
|
|
|
|
2007-08-29 17:07:05 -05:00
|
|
|
dn: cn=sysaccounts,cn=etc,$SUFFIX
|
2007-08-06 09:05:53 -05:00
|
|
|
changetype: add
|
2007-08-29 17:07:05 -05:00
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: sysaccounts
|
|
|
|
|
|
2007-11-06 17:57:15 -06:00
|
|
|
dn: cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ipa
|
|
|
|
|
|
|
|
|
|
dn: cn=masters,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: masters
|
|
|
|
|
|
2011-02-28 16:35:44 -06:00
|
|
|
dn: cn=replicas,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: replicas
|
|
|
|
|
|
2010-11-11 17:15:28 -06:00
|
|
|
dn: cn=dna,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: dna
|
|
|
|
|
|
|
|
|
|
dn: cn=posix-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: posix-ids
|
|
|
|
|
|
2021-03-19 05:48:38 -05:00
|
|
|
dn: cn=subordinate-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: subordinate-ids
|
|
|
|
|
|
2012-07-11 14:51:01 -05:00
|
|
|
dn: cn=ca_renewal,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ca_renewal
|
|
|
|
|
|
2014-06-10 07:05:22 -05:00
|
|
|
dn: cn=certificates,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: certificates
|
|
|
|
|
|
2015-05-08 12:39:29 -05:00
|
|
|
dn: cn=custodia,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: custodia
|
|
|
|
|
|
2016-05-31 17:07:33 -05:00
|
|
|
dn: cn=dogtag,cn=custodia,cn=ipa,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: dogtag
|
|
|
|
|
|
2012-01-10 21:39:26 -06:00
|
|
|
dn: cn=s4u2proxy,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: s4u2proxy
|
|
|
|
|
|
|
|
|
|
dn: cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: ipaKrb5DelegationACL
|
|
|
|
|
objectClass: groupOfPrincipals
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ipa-http-delegation
|
|
|
|
|
memberPrincipal: HTTP/$HOST@$REALM
|
2012-02-15 10:06:54 -06:00
|
|
|
ipaAllowedTarget: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX
|
2012-02-28 05:22:49 -06:00
|
|
|
ipaAllowedTarget: cn=ipa-cifs-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX
|
2012-01-10 21:39:26 -06:00
|
|
|
|
|
|
|
|
dn: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: groupOfPrincipals
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ipa-ldap-delegation-targets
|
|
|
|
|
memberPrincipal: ldap/$HOST@$REALM
|
|
|
|
|
|
2012-02-28 05:22:49 -06:00
|
|
|
dn: cn=ipa-cifs-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: groupOfPrincipals
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ipa-cifs-delegation-targets
|
|
|
|
|
|
2008-05-22 16:55:27 -05:00
|
|
|
dn: uid=admin,cn=users,cn=accounts,$SUFFIX
|
2007-08-29 17:07:05 -05:00
|
|
|
changetype: add
|
2007-08-06 09:05:53 -05:00
|
|
|
objectClass: top
|
|
|
|
|
objectClass: person
|
2009-07-10 05:17:42 -05:00
|
|
|
objectClass: posixaccount
|
|
|
|
|
objectClass: krbprincipalaux
|
2010-01-12 09:30:00 -06:00
|
|
|
objectClass: krbticketpolicyaux
|
2009-07-10 05:17:42 -05:00
|
|
|
objectClass: inetuser
|
2010-10-26 09:26:06 -05:00
|
|
|
objectClass: ipaobject
|
2011-12-07 01:46:23 -06:00
|
|
|
objectClass: ipasshuser
|
2007-08-29 17:07:05 -05:00
|
|
|
uid: admin
|
|
|
|
|
krbPrincipalName: admin@$REALM
|
2020-06-10 11:16:54 -05:00
|
|
|
krbPrincipalName: root@$REALM
|
2007-08-29 17:07:05 -05:00
|
|
|
cn: Administrator
|
|
|
|
|
sn: Administrator
|
2010-11-11 17:15:28 -06:00
|
|
|
uidNumber: $IDSTART
|
|
|
|
|
gidNumber: $IDSTART
|
2007-08-29 17:07:05 -05:00
|
|
|
homeDirectory: /home/admin
|
2019-06-15 09:25:51 -05:00
|
|
|
loginShell: $DEFAULT_ADMIN_SHELL
|
2007-08-29 17:07:05 -05:00
|
|
|
gecos: Administrator
|
2011-07-20 14:44:26 -05:00
|
|
|
nsAccountLock: FALSE
|
2010-10-26 09:26:06 -05:00
|
|
|
ipaUniqueID: autogenerate
|
2007-08-29 17:07:05 -05:00
|
|
|
|
|
|
|
|
dn: cn=admins,cn=groups,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
2007-11-20 09:22:43 -06:00
|
|
|
objectClass: groupofnames
|
2009-07-10 05:17:42 -05:00
|
|
|
objectClass: posixgroup
|
2009-12-01 06:41:47 -06:00
|
|
|
objectClass: ipausergroup
|
2011-04-14 13:37:45 -05:00
|
|
|
objectClass: ipaobject
|
2007-10-04 15:41:19 -05:00
|
|
|
cn: admins
|
2007-08-30 11:23:39 -05:00
|
|
|
description: Account administrators group
|
2010-11-11 17:15:28 -06:00
|
|
|
gidNumber: $IDSTART
|
2008-05-22 16:55:27 -05:00
|
|
|
member: uid=admin,cn=users,cn=accounts,$SUFFIX
|
2011-07-20 14:44:26 -05:00
|
|
|
nsAccountLock: FALSE
|
2011-04-14 13:37:45 -05:00
|
|
|
ipaUniqueID: autogenerate
|
2007-08-06 09:05:53 -05:00
|
|
|
|
2007-08-29 17:07:05 -05:00
|
|
|
dn: cn=ipausers,cn=groups,cn=accounts,$SUFFIX
|
2007-08-06 09:05:53 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
2007-11-20 09:22:43 -06:00
|
|
|
objectClass: groupofnames
|
2009-07-10 05:17:42 -05:00
|
|
|
objectClass: nestedgroup
|
|
|
|
|
objectClass: ipausergroup
|
2011-04-14 13:37:45 -05:00
|
|
|
objectClass: ipaobject
|
2007-11-14 09:49:03 -06:00
|
|
|
description: Default group for all users
|
2007-08-29 17:07:05 -05:00
|
|
|
cn: ipausers
|
2011-04-14 13:37:45 -05:00
|
|
|
ipaUniqueID: autogenerate
|
2007-11-14 09:49:03 -06:00
|
|
|
|
|
|
|
|
dn: cn=editors,cn=groups,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
2007-11-20 09:22:43 -06:00
|
|
|
objectClass: groupofnames
|
2009-07-10 05:17:42 -05:00
|
|
|
objectClass: posixgroup
|
2009-12-01 06:41:47 -06:00
|
|
|
objectClass: ipausergroup
|
2011-04-14 13:37:45 -05:00
|
|
|
objectClass: ipaobject
|
2010-11-11 17:15:28 -06:00
|
|
|
gidNumber: eval($IDSTART+2)
|
2007-11-14 09:49:03 -06:00
|
|
|
description: Limited admins who can edit other users
|
|
|
|
|
cn: editors
|
2011-04-14 13:37:45 -05:00
|
|
|
ipaUniqueID: autogenerate
|
2007-11-16 11:59:32 -06:00
|
|
|
|
2015-12-01 03:42:38 -06:00
|
|
|
dn: cn=ipaservers,cn=hostgroups,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: groupOfNames
|
|
|
|
|
objectClass: nestedGroup
|
|
|
|
|
objectClass: ipaobject
|
|
|
|
|
objectClass: ipahostgroup
|
|
|
|
|
description: IPA server hosts
|
|
|
|
|
cn: ipaservers
|
|
|
|
|
ipaUniqueID: autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=sshd,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: sshd
|
|
|
|
|
description: sshd
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=ftp,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: ftp
|
|
|
|
|
description: ftp
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=su,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: su
|
|
|
|
|
description: su
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=login,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: login
|
|
|
|
|
description: login
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=su-l,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: su-l
|
|
|
|
|
description: su with login shell
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=sudo,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: sudo
|
|
|
|
|
description: sudo
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=sudo-i,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: sudo-i
|
|
|
|
|
description: sudo-i
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2019-01-11 04:18:05 -06:00
|
|
|
dn: cn=systemd-user,cn=hbacservices,cn=hbac,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: systemd-user
|
|
|
|
|
description: pam_systemd and systemd user@.service
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=gdm,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: gdm
|
|
|
|
|
description: gdm
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=gdm-password,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: gdm-password
|
|
|
|
|
description: gdm-password
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-01-18 03:56:17 -06:00
|
|
|
dn: cn=kdm,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectclass: ipahbacservice
|
|
|
|
|
objectclass: ipaobject
|
|
|
|
|
cn: kdm
|
|
|
|
|
description: kdm
|
|
|
|
|
ipauniqueid:autogenerate
|
|
|
|
|
|
2011-02-28 10:44:27 -06:00
|
|
|
dn: cn=Sudo,cn=hbacservicegroups,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: ipaobject
|
|
|
|
|
objectClass: ipahbacservicegroup
|
|
|
|
|
objectClass: nestedGroup
|
|
|
|
|
objectClass: groupOfNames
|
|
|
|
|
objectClass: top
|
2011-02-28 10:44:27 -06:00
|
|
|
cn: Sudo
|
2010-12-13 12:23:04 -06:00
|
|
|
ipauniqueid:autogenerate
|
2011-02-28 10:44:27 -06:00
|
|
|
description: Default group of Sudo related services
|
2011-01-18 03:56:17 -06:00
|
|
|
member: cn=sudo,cn=hbacservices,cn=hbac,$SUFFIX
|
|
|
|
|
member: cn=sudo-i,cn=hbacservices,cn=hbac,$SUFFIX
|
2010-12-13 12:23:04 -06:00
|
|
|
|
0000-12-31 18:09:24 -05:50
|
|
|
dn: cn=ipaConfig,cn=etc,$SUFFIX
|
2007-11-16 11:59:32 -06:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: ipaGuiConfig
|
2010-10-04 14:13:36 -05:00
|
|
|
objectClass: ipaConfigObject
|
2009-07-10 05:17:42 -05:00
|
|
|
ipaUserSearchFields: uid,givenname,sn,telephonenumber,ou,title
|
2007-11-16 11:59:32 -06:00
|
|
|
ipaGroupSearchFields: cn,description
|
|
|
|
|
ipaSearchTimeLimit: 2
|
2010-10-18 16:07:01 -05:00
|
|
|
ipaSearchRecordsLimit: 100
|
2007-11-16 11:59:32 -06:00
|
|
|
ipaHomesRootDir: /home
|
2019-06-15 09:25:51 -05:00
|
|
|
ipaDefaultLoginShell: $DEFAULT_SHELL
|
2007-11-16 11:59:32 -06:00
|
|
|
ipaDefaultPrimaryGroup: ipausers
|
2010-11-10 16:30:01 -06:00
|
|
|
ipaMaxUsernameLength: 32
|
2019-05-01 09:15:37 -05:00
|
|
|
ipaMaxHostnameLength: 64
|
2007-11-16 11:59:32 -06:00
|
|
|
ipaPwdExpAdvNotify: 4
|
2007-12-05 23:30:26 -06:00
|
|
|
ipaGroupObjectClasses: top
|
|
|
|
|
ipaGroupObjectClasses: groupofnames
|
2009-07-10 05:17:42 -05:00
|
|
|
ipaGroupObjectClasses: nestedgroup
|
|
|
|
|
ipaGroupObjectClasses: ipausergroup
|
2009-08-10 15:24:10 -05:00
|
|
|
ipaGroupObjectClasses: ipaobject
|
2007-12-05 23:30:26 -06:00
|
|
|
ipaUserObjectClasses: top
|
|
|
|
|
ipaUserObjectClasses: person
|
2009-07-10 05:17:42 -05:00
|
|
|
ipaUserObjectClasses: organizationalperson
|
|
|
|
|
ipaUserObjectClasses: inetorgperson
|
|
|
|
|
ipaUserObjectClasses: inetuser
|
|
|
|
|
ipaUserObjectClasses: posixaccount
|
|
|
|
|
ipaUserObjectClasses: krbprincipalaux
|
2010-01-12 09:30:00 -06:00
|
|
|
ipaUserObjectClasses: krbticketpolicyaux
|
2009-08-10 15:24:10 -05:00
|
|
|
ipaUserObjectClasses: ipaobject
|
2011-12-07 01:46:23 -06:00
|
|
|
ipaUserObjectClasses: ipasshuser
|
2007-12-10 10:53:00 -06:00
|
|
|
ipaDefaultEmailDomain: $DOMAIN
|
2009-09-04 07:51:28 -05:00
|
|
|
ipaMigrationEnabled: FALSE
|
2010-10-04 14:13:36 -05:00
|
|
|
ipaConfigString: AllowNThash
|
2017-03-22 11:47:04 -05:00
|
|
|
ipaConfigString: KDC:Disable Last Success
|
2019-06-27 03:52:40 -05:00
|
|
|
ipaSELinuxUserMapOrder: $SELINUX_USERMAP_ORDER
|
|
|
|
|
ipaSELinuxUserMapDefault: $SELINUX_USERMAP_DEFAULT
|
2007-11-20 21:45:29 -06:00
|
|
|
|
|
|
|
|
dn: cn=cosTemplates,cn=accounts,$SUFFIX
|
2007-11-26 21:28:53 -06:00
|
|
|
changetype: add
|
2007-11-20 21:45:29 -06:00
|
|
|
objectclass: top
|
|
|
|
|
objectclass: nsContainer
|
|
|
|
|
cn: cosTemplates
|
|
|
|
|
|
2009-10-02 08:30:16 -05:00
|
|
|
# templates for this cos definition are managed by the pwpolicy plugin
|
|
|
|
|
dn: cn=Password Policy,cn=accounts,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
description: Password Policy based on group membership
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: ldapsubentry
|
|
|
|
|
objectClass: cosSuperDefinition
|
|
|
|
|
objectClass: cosClassicDefinition
|
|
|
|
|
cosTemplateDn: cn=cosTemplates,cn=accounts,$SUFFIX
|
2010-10-25 16:58:37 -05:00
|
|
|
cosAttribute: krbPwdPolicyReference override
|
2009-10-02 08:30:16 -05:00
|
|
|
cosSpecifier: memberOf
|
2011-11-23 15:59:21 -06:00
|
|
|
|
|
|
|
|
dn: cn=selinux,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: selinux
|
|
|
|
|
|
|
|
|
|
dn: cn=usermap,cn=selinux,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: usermap
|
|
|
|
|
|
2012-06-12 04:58:41 -05:00
|
|
|
dn: cn=ranges,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
cn: ranges
|
|
|
|
|
|
2012-07-02 07:07:01 -05:00
|
|
|
dn: cn=${REALM}_id_range,cn=ranges,cn=etc,$SUFFIX
|
2012-06-12 04:58:41 -05:00
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: ipaIDrange
|
|
|
|
|
objectClass: ipaDomainIDRange
|
2012-07-02 07:07:01 -05:00
|
|
|
cn: ${REALM}_id_range
|
2012-06-12 04:58:41 -05:00
|
|
|
ipaBaseID: $IDSTART
|
|
|
|
|
ipaIDRangeSize: $IDRANGE_SIZE
|
2013-05-30 07:02:44 -05:00
|
|
|
ipaRangeType: ipa-local
|
2015-04-21 01:24:10 -05:00
|
|
|
|
2021-03-19 05:48:38 -05:00
|
|
|
dn: cn=${REALM}_subid_range,cn=ranges,cn=etc,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: top
|
|
|
|
|
objectClass: ipaIDrange
|
|
|
|
|
objectClass: ipaTrustedADDomainRange
|
|
|
|
|
cn: ${REALM}_subid_range
|
|
|
|
|
ipaBaseID: eval($SUBID_RANGE_START)
|
|
|
|
|
ipaIDRangeSize: eval($SUBID_RANGE_SIZE)
|
|
|
|
|
# HACK: RIDs to work around adtrust sidgen issue
|
2021-05-21 07:56:32 -05:00
|
|
|
ipaBaseRID: eval($SUBID_BASE_RID)
|
2021-03-19 05:48:38 -05:00
|
|
|
# 738065-838566 = IPA-SUB
|
|
|
|
|
ipaNTTrustedDomainSID: S-1-5-21-738065-838566-$DOMAIN_HASH
|
|
|
|
|
# HACK: "ipa-local-subid" range type causes issues with older SSSD clients
|
|
|
|
|
# see https://github.com/SSSD/sssd/issues/5571
|
|
|
|
|
ipaRangeType: ipa-ad-trust
|
|
|
|
|
|
2015-04-21 01:24:10 -05:00
|
|
|
dn: cn=ca,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: ca
|
|
|
|
|
|
|
|
|
|
dn: cn=certprofiles,cn=ca,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: certprofiles
|
2015-05-25 07:39:07 -05:00
|
|
|
|
|
|
|
|
dn: cn=caacls,cn=ca,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: caacls
|
2015-05-14 00:46:06 -05:00
|
|
|
|
|
|
|
|
dn: cn=cas,cn=ca,$SUFFIX
|
|
|
|
|
changetype: add
|
|
|
|
|
objectClass: nsContainer
|
|
|
|
|
objectClass: top
|
|
|
|
|
cn: cas
|
