IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-23 07:33:27 -06:00
Code Issues Packages Projects Releases Wiki Activity
7233944e74
freeipa/install/updates/71-idviews-sasl-mapping.update
Alexander Bokovoy b506fd178e adtrust: support GSSAPI authentication to LDAP as Active Directory user 
In case an ID override was created for an Active Directory user in the
default trust view, allow mapping the incoming GSSAPI authenticated
connection to the ID override for this user.

This allows to self-manage ID override parameters from the CLI, for
example, SSH public keys or certificates. Admins can define what can be
changed by the users via self-service permissions.

Part of https://fedorahosted.org/freeipa/ticket/2149
Part of https://fedorahosted.org/freeipa/ticket/3242

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2016-06-10 13:39:02 +02:00

9 lines
402 B
Plaintext
Raw Blame History

dn: cn=ID Overridden Principal,cn=mapping,cn=sasl,cn=config
default:cn: ID Overridden Principal
default:nsSaslMapBaseDNTemplate: cn=default trust view,cn=views,cn=accounts,$SUFFIX
default:nsSaslMapFilterTemplate: (&(ipaoriginaluid=\1@\2)(objectclass=ipaUserOverride))
default:nsSaslMapPriority: 20
default:nsSaslMapRegexString: \(.*\)@\(.*\)
default:objectClass: top
default:objectClass: nsSaslMapping
Reference in New Issue View Git Blame Copy Permalink