IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add a privilege and a permission needed for automember rebuild command

Browse Source 
Design: http://www.freeipa.org/page/V3/Automember_rebuild_membership
https://fedorahosted.org/freeipa/ticket/3752
This commit is contained in:
Ana Krivokapic 2013-09-19 14:10:32 +02:00 committed by Martin Kosek
parent d97386de5b
commit dfea5989f7
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
install/updates/40-delegation.update
View File

@ -373,3 +373,22 @@ add: member: 'cn=Host Administrators,cn=privileges,cn=pbac,$SUFFIX'
dn: cn=Revoke Certificate,cn=permissions,cn=pbac,$SUFFIX dn: cn=Revoke Certificate,cn=permissions,cn=pbac,$SUFFIX
add: member: 'cn=Host Administrators,cn=privileges,cn=pbac,$SUFFIX' add: member: 'cn=Host Administrators,cn=privileges,cn=pbac,$SUFFIX'
# Automember tasks
dn: cn=Automember Task Administrator,cn=privileges,cn=pbac,$SUFFIX
default:objectClass: nestedgroup
default:objectClass: groupofnames
default:objectClass: top
default:cn: Automember Task Administrator
default:description: Automember Task Administrator
dn: cn=Add Automember Rebuild Membership Task,cn=permissions,cn=pbac,$SUFFIX
default:objectClass: groupofnames
default:objectClass: ipapermission
default:objectClass: top
default:cn: Add Automember Rebuild Membership Task
default:member: cn=Automember Task Administrator,cn=privileges,cn=pbac,$SUFFIX
default:ipapermissiontype: SYSTEM
dn: cn=config
add:aci: '(target = "ldap:///cn=automember rebuild membership,cn=tasks,cn=config")(targetattr=*)(version 3.0;acl "permission:Add Automember Rebuild Membership Task";allow (add) groupdn = "ldap:///cn=Add Automember Rebuild Membership Task,cn=permissions,cn=pbac,$SUFFIX";)'