mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 07:33:27 -06:00
60d092f002
This commit updates the subordinate design document to reflect the current state and remove "outdated" message. Signed-off-by: Francisco Trivino <ftrivino@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
42 lines
1.2 KiB
Plaintext
42 lines
1.2 KiB
Plaintext
# add plugin configuration for user private groups
|
|
|
|
dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
|
|
changetype: add
|
|
objectclass: top
|
|
objectclass: extensibleObject
|
|
cn: Posix IDs
|
|
dnaType: uidNumber
|
|
dnaType: gidNumber
|
|
dnaNextValue: eval($IDSTART)
|
|
dnaMaxValue: eval($IDMAX)
|
|
dnaMagicRegen: -1
|
|
dnaFilter: (|(objectClass=posixAccount)(objectClass=posixGroup)(objectClass=ipaIDobject))
|
|
dnaScope: $SUFFIX
|
|
dnaThreshold: 500
|
|
dnaSharedCfgDN: cn=posix-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
|
|
dnaExcludeScope: cn=provisioning,$SUFFIX
|
|
|
|
dn: cn=Subordinate IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
|
|
changetype: add
|
|
objectclass: top
|
|
objectclass: extensibleObject
|
|
cn: Subordinate IDs
|
|
dnaType: ipasubuidnumber
|
|
dnaType: ipasubgidnumber
|
|
dnaNextValue: eval($SUBID_RANGE_START)
|
|
dnaMaxValue: eval($SUBID_RANGE_MAX)
|
|
dnaMagicRegen: -1
|
|
dnaFilter: (objectClass=ipaSubordinateId)
|
|
dnaScope: $SUFFIX
|
|
dnaThreshold: eval($SUBID_DNA_THRESHOLD)
|
|
dnaSharedCfgDN: cn=subordinate-ids,cn=dna,cn=ipa,cn=etc,$SUFFIX
|
|
dnaExcludeScope: cn=provisioning,$SUFFIX
|
|
dnaInterval: eval($SUBID_COUNT)
|
|
|
|
# Enable the DNA plugin
|
|
dn: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
|
|
changetype: modify
|
|
replace: nsslapd-pluginEnabled
|
|
nsslapd-pluginEnabled: on
|
|
|