sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00
Code

r20495: Further notes on joining with fedora DS.

Browse Source 
Add in a hook for adding an ACI, needed to allow anonymous access
until we hook across a SYSTEM token to the LDAP server.

Andrew Bartlett
(This used to be commit f45504e2714680978f101b4a98516686a17531df)
This commit is contained in:
Andrew Bartlett 2007-01-03 05:31:50 +00:00 committed by Gerald (Jerry) Carter
parent 43b715a96d
commit e8dfa06d45
4 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source4/scripting/libjs/provision.js
View File

@ -701,6 +701,7 @@ function provision_guess()
subobj.LDAPMODULE = "entryUUID";
subobj.LDAPMODULES = "objectguid";
subobj.EXTENSIBLEOBJECT = "# no objectClass: extensibleObject for local ldb";
subobj.ACI = "# no aci for local ldb";
return subobj;
}

3
source4/setup/fedora-ds-init.ldif
View File

@ -22,5 +22,6 @@ nsslapd-suffix: dc=tammy,dc=abartlet,dc=net
#
# provision with --ldap-backend=ldap://localhost:4389 --ldap-module=nsuniqueid
# provision with --ldap-backend=ldap://localhost:4389 --ldap-module=nsuniqueid --aci='aci: (targetattr = "*") (version 3.0;acl "full access to all by all";allow (all)(userdn = "ldap:///anyone");)'

8
source4/setup/provision
View File

@ -31,7 +31,8 @@ options = GetOptions(ARGV,
'blank',
'ldap-base',
'ldap-backend=s',
'ldap-module=s');
'ldap-module=s',
'aci=s');
if (options == undefined) {
println("Failed to parse options");
@ -81,7 +82,7 @@ provision [options]
--ldap-base output only an LDIF file, suitable for creating an LDAP baseDN
--ldap-backend LDAPSERVER LDAP server to use for this provision
--ldap-module= MODULE LDB mapping module to use for the LDAP backend
--aci= ACI An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server
You must provide at least a realm and domain
");
@ -112,6 +113,9 @@ for (r in options) {
var key = strupper(join("", split("-", r)));
subobj[key] = options[r];
}
if (options["aci"] != undefined) {
println("set ACI: " + subobj["ACI"]);
}
if (options["ldap-backend"] != undefined) {
subobj["LDAPMODULES"] = subobj["LDAPMODULE"] + ",paged_searches";

1
source4/setup/provision_basedn.ldif
View File

@ -6,5 +6,6 @@ objectClass: top
objectClass: domain
objectClass: domainDNS
${EXTENSIBLEOBJECT}
${ACI}
dc: ${RDN_DC}