2025-01-22 22:04:08 +03:00 · 2010-01-29 16:05:22 -06:00 · 2010-01-29 16:05:22 -06:00 · c54699faf2
commit c54699faf2
parent 7ad931dda9
2 changed files with 11 additions and 7 deletions
--- a/source4/scripting/python/samba/provisionbackend.py
+++ b/source4/scripting/python/samba/provisionbackend.py
@ -721,14 +721,7 @@ class FDSBackend(LDAPBackend):
    def post_setup(self):
        ldapi_db = Ldb(self.ldapi_uri, credentials=self.credentials)

-        # delete default SASL mappings
-        res = ldapi_db.search(expression="(!(cn=samba-admin mapping))", base="cn=mapping,cn=sasl,cn=config", scope=SCOPE_ONELEVEL, attrs=["dn"])
-    
        # configure in-directory access control on Fedora DS via the aci attribute (over a direct ldapi:// socket)
-        for i in range (0, len(res)):
-            dn = str(res[i]["dn"])
-            ldapi_db.delete(dn)
-            
        aci = """(targetattr = "*") (version 3.0;acl "full access to all by samba-admin";allow (all)(userdn = "ldap:///CN=samba-admin,%s");)""" % self.sambadn
        
        m = ldb.Message()
--- a/source4/setup/fedorads-sasl.ldif
+++ b/source4/setup/fedorads-sasl.ldif
@ -7,3 +7,14 @@ nsSaslMapRegexString: ^samba-admin$
 nsSaslMapBaseDNTemplate: CN=samba-admin,${SAMBADN}
 nsSaslMapFilterTemplate: (objectclass=*)

+dn: cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config
+changetype: delete
+
+dn: cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config
+changetype: delete
+
+dn: cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config
+changetype: delete
+
+dn: cn=uid mapping,cn=mapping,cn=sasl,cn=config
+changetype: delete