2012-09-13 14:11:57 -05:00
|
|
|
dn: cn=sudorule name uniqueness,cn=plugins,cn=config
|
|
|
|
default:objectClass: top
|
|
|
|
default:objectClass: nsSlapdPlugin
|
|
|
|
default:objectClass: extensibleObject
|
|
|
|
default:cn: sudorule name uniqueness
|
|
|
|
default:nsslapd-pluginDescription: Enforce unique attribute values
|
|
|
|
default:nsslapd-pluginPath: libattr-unique-plugin
|
|
|
|
default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
|
|
|
|
default:nsslapd-pluginType: preoperation
|
|
|
|
default:nsslapd-pluginEnabled: on
|
2015-02-23 09:09:25 -06:00
|
|
|
default:uniqueness-attribute-name: cn
|
|
|
|
default:uniqueness-subtrees: cn=sudorules,cn=sudo,$SUFFIX
|
2012-09-13 14:11:57 -05:00
|
|
|
default:nsslapd-plugin-depends-on-type: database
|
|
|
|
default:nsslapd-pluginId: NSUniqueAttr
|
|
|
|
default:nsslapd-pluginVersion: 1.1.0
|
|
|
|
default:nsslapd-pluginVendor: Fedora Project
|
2014-06-10 07:06:28 -05:00
|
|
|
|
|
|
|
dn: cn=certificate store subject uniqueness,cn=plugins,cn=config
|
|
|
|
default:objectClass: top
|
|
|
|
default:objectClass: nsSlapdPlugin
|
|
|
|
default:objectClass: extensibleObject
|
|
|
|
default:cn: certificate store subject uniqueness
|
|
|
|
default:nsslapd-pluginDescription: Enforce unique attribute values
|
|
|
|
default:nsslapd-pluginPath: libattr-unique-plugin
|
|
|
|
default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
|
|
|
|
default:nsslapd-pluginType: preoperation
|
|
|
|
default:nsslapd-pluginEnabled: on
|
2015-02-23 09:09:25 -06:00
|
|
|
default:uniqueness-attribute-name: ipaCertSubject
|
|
|
|
default:uniqueness-subtrees: cn=certificates,cn=ipa,cn=etc,$SUFFIX
|
2014-06-10 07:06:28 -05:00
|
|
|
default:nsslapd-plugin-depends-on-type: database
|
|
|
|
default:nsslapd-pluginId: NSUniqueAttr
|
|
|
|
default:nsslapd-pluginVersion: 1.1.0
|
|
|
|
default:nsslapd-pluginVendor: Fedora Project
|
|
|
|
|
|
|
|
dn: cn=certificate store issuer/serial uniqueness,cn=plugins,cn=config
|
|
|
|
default:objectClass: top
|
|
|
|
default:objectClass: nsSlapdPlugin
|
|
|
|
default:objectClass: extensibleObject
|
|
|
|
default:cn: certificate store issuer/serial uniqueness
|
|
|
|
default:nsslapd-pluginDescription: Enforce unique attribute values
|
|
|
|
default:nsslapd-pluginPath: libattr-unique-plugin
|
|
|
|
default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
|
|
|
|
default:nsslapd-pluginType: preoperation
|
|
|
|
default:nsslapd-pluginEnabled: on
|
2015-02-23 09:09:25 -06:00
|
|
|
default:uniqueness-attribute-name: ipaCertIssuerSerial
|
|
|
|
default:uniqueness-subtrees: cn=certificates,cn=ipa,cn=etc,$SUFFIX
|
2014-06-10 07:06:28 -05:00
|
|
|
default:nsslapd-plugin-depends-on-type: database
|
|
|
|
default:nsslapd-pluginId: NSUniqueAttr
|
|
|
|
default:nsslapd-pluginVersion: 1.1.0
|
|
|
|
default:nsslapd-pluginVendor: Fedora Project
|
User Life Cycle: create containers and scoping DS plugins
User Life Cycle is designed http://www.freeipa.org/page/V4/User_Life-Cycle_Management
It manages 3 containers (Staging, Active, Delete). At install/upgrade Delete and Staging
containers needs to be created.
Active: cn=users,cn=accounts,$SUFFIX
Delete: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
Stage: cn=staged users ,cn=accounts,cn=provisioning,$SUFFIX
Plugins scopes:
krbPrincipalName, krbCanonicalName, ipaUniqueID, uid:
cn=accounts,SUFFIX
cn=deleted users,cn=accounts,cn=provisioning,SUFFIX
DNA:
cn=accounts,SUFFIX
Plugins exclude subtree:
IPA UUID, Referential Integrity, memberOf:
cn=provisioning,SUFFIX
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2014-08-07 09:29:02 -05:00
|
|
|
|
2015-02-23 10:46:46 -06:00
|
|
|
dn: cn=uid uniqueness,cn=plugins,cn=config
|
|
|
|
default:objectClass: top
|
|
|
|
default:objectClass: nsSlapdPlugin
|
|
|
|
default:objectClass: extensibleObject
|
|
|
|
default:cn: uid uniqueness
|
|
|
|
default:nsslapd-pluginPath: libattr-unique-plugin
|
|
|
|
default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
|
|
|
|
default:nsslapd-pluginType: preoperation
|
|
|
|
default:nsslapd-pluginEnabled: on
|
|
|
|
default:uniqueness-attribute-name: uid
|
2015-05-12 11:11:07 -05:00
|
|
|
default:uniqueness-subtrees: $SUFFIX
|
2015-05-20 07:51:09 -05:00
|
|
|
default:uniqueness-exclude-subtrees: cn=compat,$SUFFIX
|
2015-05-12 11:11:07 -05:00
|
|
|
default:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
|
2015-02-23 10:46:46 -06:00
|
|
|
default:uniqueness-across-all-subtrees: on
|
|
|
|
default:uniqueness-subtree-entries-oc: posixAccount
|
|
|
|
default:nsslapd-plugin-depends-on-type: database
|
|
|
|
default:nsslapd-pluginId: NSUniqueAttr
|
|
|
|
default:nsslapd-pluginVersion: 1.1.0
|
|
|
|
default:nsslapd-pluginVendor: Fedora Project
|
|
|
|
default:nsslapd-pluginDescription: Enforce unique attribute values
|
|
|
|
|
User Life Cycle: create containers and scoping DS plugins
User Life Cycle is designed http://www.freeipa.org/page/V4/User_Life-Cycle_Management
It manages 3 containers (Staging, Active, Delete). At install/upgrade Delete and Staging
containers needs to be created.
Active: cn=users,cn=accounts,$SUFFIX
Delete: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
Stage: cn=staged users ,cn=accounts,cn=provisioning,$SUFFIX
Plugins scopes:
krbPrincipalName, krbCanonicalName, ipaUniqueID, uid:
cn=accounts,SUFFIX
cn=deleted users,cn=accounts,cn=provisioning,SUFFIX
DNA:
cn=accounts,SUFFIX
Plugins exclude subtree:
IPA UUID, Referential Integrity, memberOf:
cn=provisioning,SUFFIX
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2014-08-07 09:29:02 -05:00
|
|
|
# uid uniqueness scopes Active/Delete containers
|
2015-02-23 10:46:46 -06:00
|
|
|
dn: cn=uid uniqueness,cn=plugins,cn=config
|
2015-05-20 07:51:09 -05:00
|
|
|
add:uniqueness-exclude-subtrees: cn=compat,$SUFFIX
|
2015-05-12 11:11:07 -05:00
|
|
|
add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
|
2015-02-23 10:46:46 -06:00
|
|
|
remove:uniqueness-across-all-subtrees: off
|
|
|
|
add:uniqueness-across-all-subtrees: on
|
|
|
|
add:uniqueness-subtree-entries-oc: posixAccount
|
User Life Cycle: create containers and scoping DS plugins
User Life Cycle is designed http://www.freeipa.org/page/V4/User_Life-Cycle_Management
It manages 3 containers (Staging, Active, Delete). At install/upgrade Delete and Staging
containers needs to be created.
Active: cn=users,cn=accounts,$SUFFIX
Delete: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
Stage: cn=staged users ,cn=accounts,cn=provisioning,$SUFFIX
Plugins scopes:
krbPrincipalName, krbCanonicalName, ipaUniqueID, uid:
cn=accounts,SUFFIX
cn=deleted users,cn=accounts,cn=provisioning,SUFFIX
DNA:
cn=accounts,SUFFIX
Plugins exclude subtree:
IPA UUID, Referential Integrity, memberOf:
cn=provisioning,SUFFIX
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2014-08-07 09:29:02 -05:00
|
|
|
|
|
|
|
# krbPrincipalName uniqueness scopes Active/Delete containers
|
|
|
|
dn: cn=krbPrincipalName uniqueness,cn=plugins,cn=config
|
2015-05-12 11:11:07 -05:00
|
|
|
add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
|
2015-02-23 10:46:46 -06:00
|
|
|
add:uniqueness-across-all-subtrees: on
|
User Life Cycle: create containers and scoping DS plugins
User Life Cycle is designed http://www.freeipa.org/page/V4/User_Life-Cycle_Management
It manages 3 containers (Staging, Active, Delete). At install/upgrade Delete and Staging
containers needs to be created.
Active: cn=users,cn=accounts,$SUFFIX
Delete: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
Stage: cn=staged users ,cn=accounts,cn=provisioning,$SUFFIX
Plugins scopes:
krbPrincipalName, krbCanonicalName, ipaUniqueID, uid:
cn=accounts,SUFFIX
cn=deleted users,cn=accounts,cn=provisioning,SUFFIX
DNA:
cn=accounts,SUFFIX
Plugins exclude subtree:
IPA UUID, Referential Integrity, memberOf:
cn=provisioning,SUFFIX
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2014-08-07 09:29:02 -05:00
|
|
|
|
|
|
|
# krbCanonicalName uniqueness scopes Active/Delete containers
|
|
|
|
dn: cn=krbCanonicalName uniqueness,cn=plugins,cn=config
|
2015-05-12 11:11:07 -05:00
|
|
|
add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
|
2015-02-23 10:46:46 -06:00
|
|
|
add:uniqueness-across-all-subtrees: on
|
User Life Cycle: create containers and scoping DS plugins
User Life Cycle is designed http://www.freeipa.org/page/V4/User_Life-Cycle_Management
It manages 3 containers (Staging, Active, Delete). At install/upgrade Delete and Staging
containers needs to be created.
Active: cn=users,cn=accounts,$SUFFIX
Delete: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
Stage: cn=staged users ,cn=accounts,cn=provisioning,$SUFFIX
Plugins scopes:
krbPrincipalName, krbCanonicalName, ipaUniqueID, uid:
cn=accounts,SUFFIX
cn=deleted users,cn=accounts,cn=provisioning,SUFFIX
DNA:
cn=accounts,SUFFIX
Plugins exclude subtree:
IPA UUID, Referential Integrity, memberOf:
cn=provisioning,SUFFIX
https://fedorahosted.org/freeipa/ticket/3813
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2014-08-07 09:29:02 -05:00
|
|
|
|
|
|
|
# ipaUniqueID uniqueness scopes Active/Delete containers
|
|
|
|
dn: cn=ipaUniqueID uniqueness,cn=plugins,cn=config
|
2015-05-12 11:11:07 -05:00
|
|
|
add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
|
2015-02-23 10:46:46 -06:00
|
|
|
add:uniqueness-across-all-subtrees: on
|
2017-12-06 19:52:54 -06:00
|
|
|
|
|
|
|
dn: cn=caacl name uniqueness,cn=plugins,cn=config
|
|
|
|
default:objectClass: top
|
|
|
|
default:objectClass: nsSlapdPlugin
|
|
|
|
default:objectClass: extensibleObject
|
|
|
|
default:cn: caacl name uniqueness
|
|
|
|
default:nsslapd-pluginDescription: Enforce unique attribute values
|
|
|
|
default:nsslapd-pluginPath: libattr-unique-plugin
|
|
|
|
default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
|
|
|
|
default:nsslapd-pluginType: preoperation
|
|
|
|
default:nsslapd-pluginEnabled: on
|
|
|
|
default:uniqueness-attribute-name: cn
|
|
|
|
default:uniqueness-subtrees: cn=caacls,cn=ca,$SUFFIX
|
|
|
|
default:nsslapd-plugin-depends-on-type: database
|
|
|
|
default:nsslapd-pluginId: NSUniqueAttr
|
|
|
|
default:nsslapd-pluginVersion: 1.1.0
|
|
|
|
default:nsslapd-pluginVendor: Fedora Project
|