mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-28 01:41:14 -06:00
ba59d9d648
This uses a new 389-ds plugin, Managed Entries, to automatically create a group entry when a user is created. The DNA plugin ensures that the group has a gidNumber that matches the users uidNumber. When the user is removed the group is automatically removed as well. If the managed entries plugin is not available or if a specific, separate range for gidNumber is passed in at install time then User-Private Groups will not be configured. The code checking for the Managed Entries plugin may be removed at some point. This is there because this plugin is only available in a 389-ds alpha release currently (1.2.6-a4).
17 lines
447 B
Plaintext
17 lines
447 B
Plaintext
# add plugin configuration for user private groups
|
|
|
|
dn: cn=User Private Groups,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
|
|
changetype: add
|
|
objectclass: top
|
|
objectclass: extensibleObject
|
|
cn: Posix Accounts
|
|
dnaType: uidNumber
|
|
dnaType: gidNumber
|
|
dnaNextValue: eval($UIDSTART+1)
|
|
dnaInterval: 1
|
|
dnaMaxValue: eval($UIDSTART+100000)
|
|
dnaMagicRegen: 999
|
|
dnaFilter: (|(objectclass=posixAccount)(objectClass=posixGroup))
|
|
dnaScope: $SUFFIX
|
|
|