IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity
a21214cb9e
freeipa/install/updates/73-passkey.update

17 lines
709 B
Plaintext
Raw Normal View History

API: add new commands for ipa passkeyconfig-show | mod Currently supports a single parameter: --require-user-verification [ 'on', 'off', 'default'] Related: https://pagure.io/freeipa/issue/9261 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2022-09-05 08:37:49 -05:00
# Configuration for Passkey Authentication
dn: cn=passkeyconfig,cn=etc,$SUFFIX
default:objectclass: top
default:objectclass: nscontainer
default:objectclass: ipaPasskeyConfigObject
default:ipaRequireUserVerification: default
# Passkey Administrators
dn: cn=Passkey Administrators,cn=privileges,cn=pbac,$SUFFIX
default:objectClass: top
default:objectClass: groupofnames
default:objectClass: nestedgroup
default:cn: Passkey Administrators
default:description: Passkey Administrators
API: add new commands for passkey mappings - ipa user-add-passkey - ipa user-remove-passkey - ipa stageuser-add-passkey - ipa stageuser-remove-passkey Fixes: https://pagure.io/freeipa/issue/9261 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2022-09-05 08:39:58 -05:00
dn: $SUFFIX
add:aci: (targetattr = "ipapasskey")(targattrfilters="add=objectclass:(objectclass=ipapasskeyuser)")(version 3.0;acl "selfservice:Users can manage their own passkey mappings";allow (write) userdn = "ldap:///self";)
Reference in New Issue Copy Permalink