View | Details | Raw Unified | Return to bug 52215
Collapse All | Expand All

(-)a/ucs-school-ldap-acls-master/65ucsschool (-2 / +2 lines)
Lines 152-162 access to dn.regex="^cn=([^,]+),(cn=@$@TEACHERS@$@,|cn=@$@PUPILS@$@,|)cn=groups, Link Here
152 

          152
          

        

        

          153
          
# Lehrer, Mitarbeiter und OU-Admins muessen einige temporaere Objekte schreiben duerfen

          153
          
# Lehrer, Mitarbeiter und OU-Admins muessen einige temporaere Objekte schreiben duerfen

        

        

          154
          
# da keine regulaeren Ausdruecke auf Gruppenmitgliedschaften moeglich sind wird dies allen Lehrern erlaubt

          154
          
# da keine regulaeren Ausdruecke auf Gruppenmitgliedschaften moeglich sind wird dies allen Lehrern erlaubt

        

          
            

              155
              
access to dn.regex="^cn=([^,]+),cn=(groupName|sid|gid|gidNumber|mac|uidNumber),cn=temporary,cn=univention,@%@ldap/base@%@$$" filter="objectClass=lock" attrs="entry,@univentionObject,@lock"


              155
              
access to dn.regex="^cn=([^,]+),cn=(mailPrimaryAddress|groupName|sid|gid|gidNumber|mac|uidNumber),cn=temporary,cn=univention,@%@ldap/base@%@$$" filter="objectClass=lock" attrs="entry,@univentionObject,@lock"

            

        

          156
          
	by set="([ldap:///]+user/entryDN+[?entryDN?base?%28%7C%28objectClass%3DucsschoolTeacher%29%28objectClass%3DucsschoolAdministrator%29%28objectClass%3DucsschoolStaff%29%29])/ucsschoolSchool" write

          156
          
	by set="([ldap:///]+user/entryDN+[?entryDN?base?%28%7C%28objectClass%3DucsschoolTeacher%29%28objectClass%3DucsschoolAdministrator%29%28objectClass%3DucsschoolStaff%29%29])/ucsschoolSchool" write

        

        

          157
          
	by * +0 break

          157
          
	by * +0 break

        

        

          158
          

          158
          

        

          
            

              159
              
access to dn.regex="^cn=(groupName|sid|gid|gidNumber|mac|uidNumber),cn=temporary,cn=univention,@%@ldap/base@%@$$" attrs=children,entry


              159
              
access to dn.regex="^cn=(mailPrimaryAddress|groupName|sid|gid|gidNumber|mac|uidNumber),cn=temporary,cn=univention,@%@ldap/base@%@$$" attrs=children,entry

            

        

          160
          
	by set="([ldap:///]+user/entryDN+[?entryDN?base?%28%7C%28objectClass%3DucsschoolTeacher%29%28objectClass%3DucsschoolAdministrator%29%28objectClass%3DucsschoolStaff%29%29])/ucsschoolSchool" write

          160
          
	by set="([ldap:///]+user/entryDN+[?entryDN?base?%28%7C%28objectClass%3DucsschoolTeacher%29%28objectClass%3DucsschoolAdministrator%29%28objectClass%3DucsschoolStaff%29%29])/ucsschoolSchool" write

        

        

          161
          
	by * +0 break

          161
          
	by * +0 break

        

        

          162
          

          162
          

        



(-)a/ucs-school-ldap-acls-master/70ucsschool-ldap-acls-master.inst
      (-1 / +1 lines)




  

    
      
            Lines 31-37
          
      
      
        Link Here
      
    
  

        

          31
          

          31
          

        

        

          32
          
## joinscript api: bindpwdfile

          32
          
## joinscript api: bindpwdfile

        

        

          33
          

          33
          

        

          
            

              34
              
VERSION=17


              34
              
VERSION=18

            

        

          35
          
. /usr/share/univention-join/joinscripthelper.lib

          35
          
. /usr/share/univention-join/joinscripthelper.lib

        

        

          36
          
. /usr/share/univention-lib/ldap.sh

          36
          
. /usr/share/univention-lib/ldap.sh

        

        

          37
          
joinscript_init

          37
          
joinscript_init

        






  

  Return to bug 52215