IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add separate role group for enrolling hosts, enrollhost

Browse Source
This commit is contained in:
Rob Crittenden 2010-06-02 14:00:05 -04:00
parent c42684ad5b
commit 8c6c93125f
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
install/updates/40-delegation.update
View File

@ -79,6 +79,12 @@ add:cn: replicaadmin
add:description: Replication Administrators
add:member:'uid=admin,cn=users,cn=accounts,$SUFFIX'
dn: cn=enrollhost,cn=rolegroups,cn=accounts,$SUFFIX
add:objectClass: top
add:objectClass: nestedgroup
add:cn: enrollhost
add:description: Host Enrollment
# Add the taskgroups referenced by the ACIs for user administration
dn: cn=taskgroups,cn=accounts,$SUFFIX
@ -465,6 +471,7 @@ add:objectClass: nestedgroup
add:cn: manage_host_keytab
add:description: Manage host keytab
add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX'
add:member:'cn=enrollhost,cn=rolegroups,cn=accounts,$SUFFIX'
# Add the ACI needed to do host keytab admin
dn: $SUFFIX
@ -482,6 +489,7 @@ add:objectClass: nestedgroup
add:cn: enroll_host
add:description: Enroll a host
add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX'
add:member:'cn=enrollhost,cn=rolegroups,cn=accounts,$SUFFIX'
# Add the ACI needed to do host enrollment. When this occurs we
# set the krbPrincipalName, add krbPrincipalAux to objectClass and