diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2010-01-29 16:05:22 -0600 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-03-02 14:07:15 +1100 |
| commit | c54699faf2796e1e8acbb2215fab835a6d86318e (patch) | |
| tree | 9171e2b5b5a1045a6d3bdba56513896ca6bfce3d /source4 | |
| parent | 7ad931dda929e230b90d6ce3f35db7480321d6b0 (diff) | |
| download | samba-c54699faf2796e1e8acbb2215fab835a6d86318e.tar.gz samba-c54699faf2796e1e8acbb2215fab835a6d86318e.tar.bz2 samba-c54699faf2796e1e8acbb2215fab835a6d86318e.zip | |
s4:provision - Moved default FDS SASL mappings deletion from post_setup() to init().
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/scripting/python/samba/provisionbackend.py | 7 | ||||
| -rw-r--r-- | source4/setup/fedorads-sasl.ldif | 11 |
2 files changed, 11 insertions, 7 deletions
diff --git a/source4/scripting/python/samba/provisionbackend.py b/source4/scripting/python/samba/provisionbackend.py index 75e00979df..1919c5d81c 100644 --- a/source4/scripting/python/samba/provisionbackend.py +++ b/source4/scripting/python/samba/provisionbackend.py @@ -721,14 +721,7 @@ class FDSBackend(LDAPBackend): def post_setup(self): ldapi_db = Ldb(self.ldapi_uri, credentials=self.credentials) - # delete default SASL mappings - res = ldapi_db.search(expression="(!(cn=samba-admin mapping))", base="cn=mapping,cn=sasl,cn=config", scope=SCOPE_ONELEVEL, attrs=["dn"]) - # configure in-directory access control on Fedora DS via the aci attribute (over a direct ldapi:// socket) - for i in range (0, len(res)): - dn = str(res[i]["dn"]) - ldapi_db.delete(dn) - aci = """(targetattr = "*") (version 3.0;acl "full access to all by samba-admin";allow (all)(userdn = "ldap:///CN=samba-admin,%s");)""" % self.sambadn m = ldb.Message() diff --git a/source4/setup/fedorads-sasl.ldif b/source4/setup/fedorads-sasl.ldif index 99bb6a72cd..d0f954f35c 100644 --- a/source4/setup/fedorads-sasl.ldif +++ b/source4/setup/fedorads-sasl.ldif @@ -7,3 +7,14 @@ nsSaslMapRegexString: ^samba-admin$ nsSaslMapBaseDNTemplate: CN=samba-admin,${SAMBADN} nsSaslMapFilterTemplate: (objectclass=*) +dn: cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config +changetype: delete + +dn: cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config +changetype: delete + +dn: cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config +changetype: delete + +dn: cn=uid mapping,cn=mapping,cn=sasl,cn=config +changetype: delete |