IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Enable anonymous VLV so Solaris clients will work out of the box.

Browse Source 
Since one needs to enable the compat plugin we will enable anonymous
VLV when that is configured.

By default the DS installs an aci that grants read access to ldap:///all
and we need ldap:///anyone
This commit is contained in:
Rob Crittenden 2010-03-19 16:52:13 -04:00
parent 270292f70b
commit c6e6fa758e
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
install/share/schema_compat.uldif
View File

@ -48,3 +48,7 @@ default:schema-compat-entry-attribute: gidNumber=%{gidNumber}
default:schema-compat-entry-attribute: memberUid=%{memberUid}
default:schema-compat-entry-attribute: memberUid=%deref("member","uid")
default:schema-compat-entry-attribute: memberUid=%referred("cn=users","memberOf","uid")
# Enable anonymous VLV browsing for Solaris
dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
only:aci: '(targetattr !="aci")(version 3.0; acl "VLV Request Control"; allow (read, search, compare, proxy) userdn = "ldap:///anyone"; )'