From a0d8d87b97a5452506f2374205040f2f3a762ace Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 18 Nov 2007 15:02:26 -0500 Subject: [PATCH] Fix installation Add missing schema for GUI Config, and missing objectclass for cn=accounts container --- ipa-server/ipa-install/share/60ipaconfig.ldif | 37 +++++++++++++++++++ ipa-server/ipa-install/share/Makefile.am | 1 + .../ipa-install/share/bootstrap-template.ldif | 1 + ipa-server/ipaserver/dsinstance.py | 2 + 4 files changed, 41 insertions(+) create mode 100644 ipa-server/ipa-install/share/60ipaconfig.ldif diff --git a/ipa-server/ipa-install/share/60ipaconfig.ldif b/ipa-server/ipa-install/share/60ipaconfig.ldif new file mode 100644 index 000000000..e15d4a417 --- /dev/null +++ b/ipa-server/ipa-install/share/60ipaconfig.ldif @@ -0,0 +1,37 @@ +## schema file for ipa configuration +## +## IPA Base OID: 2.16.840.1.113730.3.8 +## +## Attributes: 2.16.840.1.113730.3.8.1 +## ObjectClasses: 2.16.840.1.113730.3.8.2 +dn: cn=schema +############################################### +## +## Attributes +## +## ipaUserSearchFields - attribute names to search against when looking for users +attributetypes: ( 2.16.840.1.113730.3.8.1.1 NAME 'ipaUserSearchFields' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) +## ipaGroupSearchFields - attribute names to search against when looking for groups +attributetypes: ( 2.16.840.1.113730.3.8.1.2 NAME 'ipaGroupSearchFields' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) +## ipaSearchTimeLimit - search time limit in seconds +attributetypes: ( 2.16.840.1.113730.3.8.1.3 NAME 'ipaSearchTimeLimit' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +## ipaSearchRecordsLimit - maximum number of records to return +attributetypes: ( 2.16.840.1.113730.3.8.1.4 NAME 'ipaSearchRecordsLimit' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +## ipaCustomFields - custom fields to show in the UI in addition to pre-defined ones +attributetypes: ( 2.16.840.1.113730.3.8.1.5 NAME 'ipaCustomFields' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +## ipaHomesRootDir - default posix home directory root dir to use when creating new accounts +attributetypes: ( 2.16.840.1.113730.3.8.1.6 NAME 'ipaHomesRootDir' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) +## ipaDefaultLoginShell - default posix login shell to use when creating new accounts +attributetypes: ( 2.16.840.1.113730.3.8.1.7 NAME 'ipaDefaultLoginShell' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) +## ipaDefaultPrimaryGroup - default posix primary group to assign when creating new accounts +attributetypes: ( 2.16.840.1.113730.3.8.1.8 NAME 'ipaDefaultPrimaryGroup' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) +## ipaMaxUsernameLength - maximum username length to allow in the UI +attributetypes: ( 2.16.840.1.113730.3.8.1.9 NAME 'ipaMaxUsernameLength' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +## ipaPwdExpAdvNotify - time in days to send out paswwrod expiration notification before passwpord actually expires +attributetypes: ( 2.16.840.1.113730.3.8.1.10 NAME 'ipaPwdExpAdvNotify' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +############################################### +## +## ObjectClasses +## +## ipaGuiConfig - GUI config parameters objectclass +objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify ) ) diff --git a/ipa-server/ipa-install/share/Makefile.am b/ipa-server/ipa-install/share/Makefile.am index b187b5df0..36bb54e83 100644 --- a/ipa-server/ipa-install/share/Makefile.am +++ b/ipa-server/ipa-install/share/Makefile.am @@ -5,6 +5,7 @@ app_DATA = \ 60kerberos.ldif \ 60samba.ldif \ 60radius.ldif \ + 60ipaconfig.ldif \ bootstrap-template.ldif \ default-aci.ldif \ kerberos.ldif \ diff --git a/ipa-server/ipa-install/share/bootstrap-template.ldif b/ipa-server/ipa-install/share/bootstrap-template.ldif index 30f6fe8a0..9a7b1489e 100644 --- a/ipa-server/ipa-install/share/bootstrap-template.ldif +++ b/ipa-server/ipa-install/share/bootstrap-template.ldif @@ -8,6 +8,7 @@ dn: cn=accounts,$SUFFIX changetype: add objectClass: top objectClass: nsContainer +objectClass: krbPwdPolicy cn: accounts krbMinPwdLife: 3600 krbPwdMinDiffChars: 0 diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstance.py index 0cab17440..0b9a7a502 100644 --- a/ipa-server/ipaserver/dsinstance.py +++ b/ipa-server/ipaserver/dsinstance.py @@ -170,6 +170,8 @@ class DsInstance(service.Service): self.schema_dirname() + "60samba.ldif") shutil.copyfile(SHARE_DIR + "60radius.ldif", self.schema_dirname() + "60radius.ldif") + shutil.copyfile(SHARE_DIR + "60ipaconfig.ldif", + self.schema_dirname() + "60ipaconfig.ldif") def __add_memberof_module(self): self.step("enabling memboerof plugin")