[Fedora-directory-commits] adminserver/admserv/schema/ldif 16dssuffixadmin.mod.tmpl, NONE, 1.1 12dsconfig.mod.tmpl, 1.1, 1.2 13dsschema.mod.tmpl, 1.1, 1.2

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Wed Dec 12 00:45:40 UTC 2007 

Author: rmeggins

Update of /cvs/dirsec/adminserver/admserv/schema/ldif
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13672/adminserver/admserv/schema/ldif

Modified Files:
	12dsconfig.mod.tmpl 13dsschema.mod.tmpl 
Added Files:
	16dssuffixadmin.mod.tmpl 
Log Message:
Resolves: bug 420751
Bug Description: Console admin user unable to manage users&groups
Reviewed by: nkinder, nhosoi (Thanks!)
Fix Description: I added a new template file for adding the acis to the default suffix.  I also fixed a couple of places in the other template files where we were referring to uid=admin instead of uid=%as_uid%, in case the user doesn't use the default "admin" for the console admin.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file change
Doc impact: no



--- NEW FILE 16dssuffixadmin.mod.tmpl ---
# BEGIN COPYRIGHT BLOCK
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
# END COPYRIGHT BLOCK
dn: %ds_suffix%
changetype: modify
add: aci
aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";)
aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=%as_uid%,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)


Index: 12dsconfig.mod.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/12dsconfig.mod.tmpl,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 12dsconfig.mod.tmpl	20 Jun 2007 23:50:11 -0000	1.1
+++ 12dsconfig.mod.tmpl	12 Dec 2007 00:45:38 -0000	1.2
@@ -21,7 +21,7 @@
 changetype: modify
 add: aci
 aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";)
-aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
+aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=%as_uid%, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
 aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
 
 dn: cn=SNMP,cn=config


Index: 13dsschema.mod.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/13dsschema.mod.tmpl,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 13dsschema.mod.tmpl	20 Jun 2007 23:50:11 -0000	1.1
+++ 13dsschema.mod.tmpl	12 Dec 2007 00:45:38 -0000	1.2
@@ -22,5 +22,5 @@
 add: aci
 aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
 aci: (targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators, ou=Groups, ou=TopologyManagement, o=NetscapeRoot";)
-aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
+aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=%as_uid%,ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";)
 aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)

More information about the Fedora-directory-commits mailing list