summaryrefslogtreecommitdiffstats
path: root/confskel
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-04 17:05:03 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-04 17:05:03 -0500
commitded257d2225a74343c32b3303ec3778da216b688 (patch)
tree37765cf04edbfea0f507ed0208de2bc89cc62ac8 /confskel
parent085abd94d86b16825501b4215bd852fa546b31a9 (diff)
downloadkcmldapcontroller-ded257d2225a74343c32b3303ec3778da216b688.tar.gz
kcmldapcontroller-ded257d2225a74343c32b3303ec3778da216b688.zip
Add utility to manage kadmind ACL list based on group membership
Diffstat (limited to 'confskel')
-rw-r--r--confskel/heimdal/kadmind.acl10
-rw-r--r--confskel/openldap/ldif/olcDatabase.ldif1
2 files changed, 9 insertions, 2 deletions
diff --git a/confskel/heimdal/kadmind.acl b/confskel/heimdal/kadmind.acl
index 27fe007..b534354 100644
--- a/confskel/heimdal/kadmind.acl
+++ b/confskel/heimdal/kadmind.acl
@@ -1,2 +1,8 @@
-kadmin/@@@ROOTUSER@@@@@@@REALM_UCNAME@@@ all
-@@@ADMINUSER@@@@@@@REALM_UCNAME@@@ all
+# This file was automatically generated by TDE
+# All changes will be lost!
+
+# Internal Kerberos administration account
+kadmin/@@@ROOTUSER@@@@@@@REALM_UCNAME@@@ all
+
+# Configured realm administrators
+@@@ADMINUSER@@@@@@@REALM_UCNAME@@@ all \ No newline at end of file
diff --git a/confskel/openldap/ldif/olcDatabase.ldif b/confskel/openldap/ldif/olcDatabase.ldif
index 90e841b..409051b 100644
--- a/confskel/openldap/ldif/olcDatabase.ldif
+++ b/confskel/openldap/ldif/olcDatabase.ldif
@@ -41,6 +41,7 @@ olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
+olcPlugin: postoperation @@@TDELIBDIR@@@/slapi-acl-manager.so plugin_init admingroup-dn:=cn=@@@ADMINGROUP@@@,ou=groups,ou=core,ou=realm,@@@REALM_DCNAME@@@ realm:=@@@REALM_UCNAME@@@ aclfile:=@@@HEIMDALACLFILE@@@ builtinadmin:=@@@ROOTUSER@@@
structuralObjectClass: olcHdbConfig
creatorsName: cn=config
createTimestamp: @@@TIMESTAMP@@@Z