mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Make sure ipapwd_extop takes precedence over passwd_modify_extop
DS core server provides a default plugin (passwd_modify_extop) to handle 1.3.6.1.4.1.4203.1.11.1 extended op (https://www.ietf.org/rfc/rfc3062.txt) IPA delivers ipa_pwd_extop plugin that should take precedence over the default DS plugin (passwd_modify_extop) In addition make sure that slapi-nis has a low precedence Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
parent
91d6d87ca7
commit
8192e2f8c1
@ -16,7 +16,7 @@ default:nsslapd-pluginid: schema-compat-plugin
|
||||
# We need to run schema-compat pre-bind callback before
|
||||
# other IPA pre-bind callbacks to make sure bind DN is
|
||||
# rewritten to the original entry if needed
|
||||
default:nsslapd-pluginprecedence: 49
|
||||
default:nsslapd-pluginprecedence: 40
|
||||
default:nsslapd-pluginversion: 0.8
|
||||
default:nsslapd-pluginbetxn: on
|
||||
default:nsslapd-pluginvendor: redhat.com
|
||||
|
9
install/updates/10-ipapwd.update
Normal file
9
install/updates/10-ipapwd.update
Normal file
@ -0,0 +1,9 @@
|
||||
dn: cn=ipa_pwd_extop,cn=plugins,cn=config
|
||||
# DS core server provides a default plugin (passwd_modify_extop) to handle
|
||||
# 1.3.6.1.4.1.4203.1.11.1 extended op (https://www.ietf.org/rfc/rfc3062.txt)
|
||||
# the pluginprecedence of the passwd_modify_extop is 50 (default value)
|
||||
#
|
||||
# IPA delivers ipa_pwd_extop plugin to handle that extended op
|
||||
# we need to make sure ipa_pwd_extop is called and so to set a lower
|
||||
# precedence value
|
||||
add:nsslapd-pluginprecedence: 49
|
@ -74,7 +74,7 @@ dn: cn=Schema Compatibility,cn=plugins,cn=config
|
||||
# We need to run schema-compat pre-bind callback before
|
||||
# other IPA pre-bind callbacks to make sure bind DN is
|
||||
# rewritten to the original entry if needed
|
||||
add:nsslapd-pluginprecedence: 49
|
||||
add:nsslapd-pluginprecedence: 40
|
||||
|
||||
dn: cn=users,cn=Schema Compatibility,cn=plugins,cn=config
|
||||
add:schema-compat-entry-attribute: %ifeq("ipauniqueid","%{ipauniqueid}","objectclass=ipaOverrideTarget","")
|
||||
|
Loading…
Reference in New Issue
Block a user