mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 16:31:08 -06:00
91606e6679
Change user-add's uid & gid parameters from autofill to optional. Change the DNA magic value to -1. For old clients, which will still send 999 when they want DNA assignment, translate the 999 to -1. This is done via a new capability, optional_uid_params. Tests included https://fedorahosted.org/freeipa/ticket/2886
29 lines
1.0 KiB
Plaintext
29 lines
1.0 KiB
Plaintext
dn: cn=ipa-winsync,cn=plugins,cn=config
|
|
changetype: add
|
|
objectclass: top
|
|
objectclass: nsSlapdPlugin
|
|
objectclass: extensibleObject
|
|
cn: ipa-winsync
|
|
nsslapd-pluginpath: libipa_winsync
|
|
nsslapd-plugininitfunc: ipa_winsync_plugin_init
|
|
nsslapd-pluginDescription: Allows IPA to work with the DS windows sync feature
|
|
nsslapd-pluginid: ipa-winsync
|
|
nsslapd-pluginversion: 1.0
|
|
nsslapd-pluginvendor: Red Hat
|
|
nsslapd-plugintype: preoperation
|
|
nsslapd-pluginenabled: on
|
|
nsslapd-plugin-depends-on-type: database
|
|
ipaWinSyncRealmFilter: (objectclass=krbRealmContainer)
|
|
ipaWinSyncRealmAttr: cn
|
|
ipaWinSyncNewEntryFilter: (cn=ipaConfig)
|
|
ipaWinSyncNewUserOCAttr: ipauserobjectclasses
|
|
ipaWinSyncUserFlatten: true
|
|
ipaWinsyncHomeDirAttr: ipaHomesRootDir
|
|
ipaWinsyncLoginShellAttr: ipaDefaultLoginShell
|
|
ipaWinSyncDefaultGroupAttr: ipaDefaultPrimaryGroup
|
|
ipaWinSyncDefaultGroupFilter: (gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames)
|
|
ipaWinSyncAcctDisable: both
|
|
ipaWinSyncForceSync: true
|
|
ipaWinSyncUserAttr: uidNumber -1
|
|
ipaWinSyncUserAttr: gidNumber -1
|