Add RADIUS proxy support to ipalib CLI

https://fedorahosted.org/freeipa/ticket/3368
2025-02-25 18:55:28 -06:00 · 2013-11-11 17:58:02 -04:00
parent efffcfdbc2
commit 4cb2c2813d
10 changed files with 330 additions and 18 deletions
--- a/install/updates/40-otp.update
+++ b/install/updates/40-otp.update
@@ -7,3 +7,8 @@ dn: $SUFFIX
 add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "objectclass || ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can read basic token info"; allow (read, search, compare) userattr = "ipatokenOwner#USERDN";)'
 add: aci:'(targetfilter = "(objectClass=ipaToken)")(targetattrs = "ipatokenUniqueID || description || ipatokenOwner || ipatokenNotBefore || ipatokenNotAfter || ipatokenVendor || ipatokenModel || ipatokenSerial")(version 3.0; acl "Users can write basic token info"; allow (write) userattr = "ipatokenOwner#USERDN";)'
 add: aci:'(targetfilter = "(objectClass=ipatokenTOTP)")(targetattrs = "ipatokenOTPkey || ipatokenOTPalgorithm || ipatokenOTPdigits || ipatokenTOTPclockOffset || ipatokenTOTPtimeStep")(version 3.0; acl "Users can add TOTP token secrets"; allow (write, search) userattr = "ipatokenOwner#USERDN";)'
+
+dn: cn=radiusproxy,$SUFFIX
+default: objectClass: nsContainer
+default: objectClass: top
+default: cn: radiusproxy