freeipa/20-aci.update at 6083df1b02f545b92e8d8fd8c767f7bbd0ca4b10 - freeipa - Git Repository of IntenseWebs.com, IF.Finance, IWeb.City, NuKVM.org, OilfieldTools Network, Spartan International Drilling, Green Polymer Products & more

IntenseWebs/freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-30 10:47:08 -06:00

Rob Crittenden 496ab3f738 Add aci to make managed netgroups immutable.

ticket 962

2011-02-18 15:29:51 -05:00

5 lines

246 B

Plaintext

Raw Blame History

 # Don't allow managed netgroups to be modified
 dn: cn=ng,cn=alt,$SUFFIX
 add:aci: '(targetfilter = "(objectClass=mepManagedEntry)")(targetattr = "*")(version 3.0; acl "Managed netgroups cannot be modified"; deny (write) userdn = "ldap:///all";)'