IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix ACI for host delegation

Browse Source 
We had changed the DN format, I must have missed these ACIs the first
go around.
This commit is contained in:
Rob Crittenden 2009-10-08 16:48:04 -04:00 committed by Jason Gerard DeRose
parent f838e7e18b
commit 383492866e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
install/updates/40-delegation.update
View File

@ -216,10 +216,10 @@ add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX'
# Add the ACIs that grant these permissions for host administration
dn: $SUFFIX
add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version
add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
3.0;acl "Add Hosts";allow (add) groupdn = "ldap:///cn=addhosts,cn=taskgroups
,cn=accounts,$SUFFIX";)'
add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version
add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
3.0;acl "Remove Hosts";allow (delete) groupdn = "ldap:///cn=removehosts,cn=
taskgroups,cn=accounts,$SUFFIX";)'
add:aci: '(targetattr = "cn || description || l || location ||