freeipa/install/share/nis.uldif
Rob Crittenden c48d34fa43 Fix nested netgroups in NIS.
We originally designed netgroups to use a special membership attribute,
memberNisNetgroup. We changed it at implementation time but never updated
the mapping.

https://fedorahosted.org/freeipa/ticket/2359
2012-02-29 16:01:58 +01:00

73 lines
3.6 KiB
Plaintext

dn: cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: nsSlapdPlugin
default:objectclass: extensibleObject
default:cn: NIS Server
default:nsslapd-pluginpath: /usr/lib$LIBARCH/dirsrv/plugins/nisserver-plugin.so
default:nsslapd-plugininitfunc: nis_plugin_init
default:nsslapd-plugintype: object
default:nsslapd-pluginenabled: on
default:nsslapd-pluginid: nis-server
default:nsslapd-pluginversion: 0.10
default:nsslapd-pluginvendor: redhat.com
default:nsslapd-plugindescription: NIS Server Plugin
default:nis-tcp-wrappers-name: nis-server
dn: nis-domain=$DOMAIN+nis-map=passwd.byname, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: passwd.byname
default:nis-base: cn=users, cn=accounts, $SUFFIX
default:nis-secure: no
dn: nis-domain=$DOMAIN+nis-map=passwd.byuid, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: passwd.byuid
default:nis-base: cn=users, cn=accounts, $SUFFIX
default:nis-secure: no
dn: nis-domain=$DOMAIN+nis-map=group.byname, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: group.byname
default:nis-base: cn=groups, cn=accounts, $SUFFIX
default:nis-secure: no
dn: nis-domain=$DOMAIN+nis-map=group.bygid, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: group.bygid
default:nis-base: cn=groups, cn=accounts, $SUFFIX
default:nis-secure: no
dn: nis-domain=$DOMAIN+nis-map=netid.byname, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: netid.byname
default:nis-base: cn=users, cn=accounts, $SUFFIX
default:nis-secure: no
# Note that the escapes in this entry can be quite confusing. The trick
# is that each level of nesting requires (2^n) - 1 escapes. So the
# first level is \", the second is \\\", the third is \\\\\\\", etc.
# (1, 3, 7, 15, more than that and you'll go insane)
# Note that this configuration mirrors the Schema Compat configuration for
# triples.
dn: nis-domain=$DOMAIN+nis-map=netgroup, cn=NIS Server, cn=plugins, cn=config
default:objectclass: top
default:objectclass: extensibleObject
default:nis-domain: $DOMAIN
default:nis-map: netgroup
default:nis-base: cn=ng, cn=alt, $SUFFIX
default:nis-filter: (objectClass=ipanisNetgroup)
default:nis-key-format: %{cn}
default:nis-value-format:%merge(" ","%deref_f(\"member\",\"(objectclass=ipanisNetgroup)\",\"cn\")","(%link(\"%ifeq(\\\"hostCategory\\\",\\\"all\\\",\\\"\\\",\\\"%collect(\\\\\\\"%{externalHost}\\\\\\\",\\\\\\\"%deref(\\\\\\\\\\\\\\\"memberHost\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"fqdn\\\\\\\\\\\\\\\")\\\\\\\",\\\\\\\"%deref_r(\\\\\\\\\\\\\\\"member\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"fqdn\\\\\\\\\\\\\\\")\\\\\\\",\\\\\\\"%deref_r(\\\\\\\\\\\\\\\"memberHost\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"member\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"fqdn\\\\\\\\\\\\\\\")\\\\\\\")\\\")\",\"-\",\",\",\"%ifeq(\\\"userCategory\\\",\\\"all\\\",\\\"\\\",\\\"%collect(\\\\\\\"%deref(\\\\\\\\\\\\\\\"memberUser\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"uid\\\\\\\\\\\\\\\")\\\\\\\",\\\\\\\"%deref_r(\\\\\\\\\\\\\\\"member\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"uid\\\\\\\\\\\\\\\")\\\\\\\",\\\\\\\"%deref_r(\\\\\\\\\\\\\\\"memberUser\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"member\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"uid\\\\\\\\\\\\\\\")\\\\\\\")\\\")\",\"-\"),%{nisDomainName:-})")
default:nis-secure: no