Univention Bugzilla – Attachment 5721 Details for
Bug 33890
Configurable default Administrator name in univention-ldap
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
custom_Administrator_univention-ldap.patch
custom_Administrator_univention-ldap.patch (text/plain), 9.83 KB, created by
Arvid Requate
on 2014-01-09 18:32:49 CET
(
hide
)
Description:
custom_Administrator_univention-ldap.patch
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2014-01-09 18:32:49 CET
Size:
9.83 KB
patch
obsolete
>Index: univention-ldap/debian/control >=================================================================== >--- univention-ldap/debian/control (Revision 46819) >+++ univention-ldap/debian/control (Arbeitskopie) >@@ -23,8 +23,8 @@ > univention-ipcalc, > univention-ldap-acl-master | univention-ldap-acl-slave, > bind9-host, >- shell-univention-lib (>= 3.0.1-1), >- python-univention-lib (>= 3.0.12-4), >+ shell-univention-lib (>= 3.0.26-14), >+ python-univention-lib (>= 3.0.26-14), > univention-newsid, > univention-join > Conflicts: univention-5250 (<< 0.5), >Index: univention-ldap/10univention-ldap-server.inst >=================================================================== >--- univention-ldap/10univention-ldap-server.inst (Revision 46819) >+++ univention-ldap/10univention-ldap-server.inst (Arbeitskopie) >@@ -54,8 +54,9 @@ > NETMASK="$(get_default_netmask)" > NETWORK="$(get_default_network)" > >-groups_default_domainadmins="${groups_default_domainadmins:-Domain Admins}" >-groups_default_domainusers="${groups_default_domainusers:-Domain Users}" >+users_default_administrator=$(custom_username "Administrator") >+groups_default_domainadmins=$(custom_groupname "Domain Admins") >+groups_default_domainusers=$(custom_groupname "Domain Users") > > reverse=$(univention-ipcalc6 --netmask "$NETMASK" --ip "$IP" --output reverse --calcdns) > >@@ -231,13 +232,13 @@ > if [ -f /var/lib/univention-ldap/root.secret ] ; then > # mailPrimaryAddress is required on ox systems > if [ -n "$ox_primary_maildomain" ] ; then >- univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set mailPrimaryAddress="administrator@$ox_primary_maildomain" --set firstname="Admin" --set username=Administrator --set sambaRID=500 --set unixhome=/home/Administrator --set lastname=Administrator --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die >+ univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set mailPrimaryAddress="administrator@$ox_primary_maildomain" --set firstname="Admin" --set username="$users_default_administrator" --set sambaRID=500 --set unixhome="/home/$users_default_administrator" --set lastname="$users_default_administrator" --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die > else >- univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set username=Administrator --set sambaRID=500 --set unixhome=/home/Administrator --set lastname=Administrator --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die >+ univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set username="$users_default_administrator" --set sambaRID=500 --set unixhome="/home/$users_default_administrator" --set lastname="$users_default_administrator" --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die > fi > fi >- univention-directory-manager groups/group modify "$@" --dn "cn=DC Backup Hosts,cn=groups,$ldap_base" --append users="uid=Administrator,cn=users,$ldap_base" || die >- univention-directory-manager groups/group modify "$@" --dn "cn=$groups_default_domainusers,cn=groups,$ldap_base" --append users="uid=Administrator,cn=users,$ldap_base" || die >+ univention-directory-manager groups/group modify "$@" --dn "cn=DC Backup Hosts,cn=groups,$ldap_base" --append users="uid=$users_default_administrator,cn=users,$ldap_base" || die >+ univention-directory-manager groups/group modify "$@" --dn "cn=$groups_default_domainusers,cn=groups,$ldap_base" --append users="uid=$users_default_administrator,cn=users,$ldap_base" || die > > #create default network > forwardZone=$(univention-directory-manager dns/forward_zone list "$@" --filter zone="$domainname" | sed -ne 's/DN: //p;T;q') >Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >=================================================================== >--- univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (Revision 46819) >+++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (Arbeitskopie) >@@ -1,4 +1,6 @@ > @!@ >+from univention.lib.misc import custom_username, custom_groupname >+ > ldap_base=baseConfig['ldap/base'] > ldap_port=baseConfig['slapd/port'] > if baseConfig['ldap/server/type']=="master": >@@ -6,7 +8,8 @@ > else: > usr="read" > >-groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') >+groups_default_domainadmins = custom_groupname('Domain Admins') >+users_default_administrator = custom_username('Administrator') > > print 'sasl-regexp' > print ' uid=(.*),cn=gssapi,cn=auth' >@@ -26,11 +29,11 @@ > print 'access to *' > print ' by sockname="PATH=/var/run/slapd/ldapi" %s' % (usr) > print ' by dn.base="cn=admin,%s" %s' % ( ldap_base, usr) >-print ' by dn.base="uid=Administrator,cn=users,%s" %s' % ( ldap_base, usr) >+print ' by dn.base="uid=%s,cn=users,%s" %s' % ( users_default_administrator, ldap_base, usr) > print ' by * none break' > print '' > >-print 'access to dn="uid=Administrator,cn=users,%s"' % ( ldap_base ) >+print 'access to dn="uid=%s,cn=users,%s"' % ( users_default_administrator, ldap_base ) > print ' by group/univentionGroup/uniqueMember="cn=%s,cn=groups,%s" %s' % ( groups_default_domainadmins, ldap_base, usr) > print ' by dn.base="cn=admin,%s" %s' % ( ldap_base, usr) > print ' by self %s' % ( usr ) >Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >=================================================================== >--- univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (Revision 46819) >+++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (Arbeitskopie) >@@ -10,7 +10,9 @@ > access to attrs=userPassword,krb5Key,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,pwhistory,sambaPwdCanChange,sambaPwdMustChange,sambaPasswordHistory,sambaClearTextPassword,sambaPreviousClearTextPassword > by sockname="PATH=/var/run/slapd/ldapi" read > @!@ >-groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') >+from univention.lib.misc import custom_groupname >+ >+groups_default_domainadmins = custom_groupname('Domain Admins') > ldap_base = configRegistry['ldap/base'] > print ' by group/univentionGroup/uniqueMember="cn=%s,cn=groups,%s" read' % ( groups_default_domainadmins, ldap_base ) > >Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end >=================================================================== >--- univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (Revision 46819) >+++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (Arbeitskopie) >@@ -1,12 +1,14 @@ > @!@ >+from univention.lib.misc import custom_groupname >+ > ldap_base = configRegistry['ldap/base'] > if configRegistry.get('ldap/server/type') == "master": > usr="write" > else: > usr="read" > >-groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') >-groups_default_windowshosts = configRegistry.get('groups/default/windowshosts', 'Windows Hosts') >+groups_default_domainadmins = custom_groupname('Domain Admins') >+groups_default_windowshosts = custom_groupname('Windows Hosts') > > nestedGroups = configRegistry.is_true('ldap/acl/nestedgroups', True) > >Index: univention-ldap/debian/univention-ldap-server.postinst >=================================================================== >--- univention-ldap/debian/univention-ldap-server.postinst (Revision 46819) >+++ univention-ldap/debian/univention-ldap-server.postinst (Arbeitskopie) >@@ -215,9 +215,9 @@ > > if [ "$1" = "configure" -a "$server_role" = "domaincontroller_master" ] && dpkg --compare-versions "$2" lt-nl 8.0.71-1; then > >- groups_default_authenticatedusers="${groups_default_authenticatedusers:-Authenticated Users}" >- groups_default_enterpriseadmins="${groups_default_enterpriseadmins:-Enterprise Admins}" >- groups_default_windowshosts="${groups_default_windowshosts:-Windows Hosts}" >+ groups_default_authenticatedusers=$(custom_groupname "Authenticated Users") >+ groups_default_enterpriseadmins=$(custom_groupname "Enterprise Admins") >+ groups_default_windowshosts=$(custom_groupname "Windows Hosts") > > sambaSID="$(univention-ldapsearch -x sambaDomainName="$windows_domain" sambaSID | sed -ne 's|^sambaSID: ||p')" > if [ -n "$sambaSID" ]; then >Index: univention-ldap/test/listner-notifier-test >=================================================================== >--- univention-ldap/test/listner-notifier-test (Revision 46819) >+++ univention-ldap/test/listner-notifier-test (Arbeitskopie) >@@ -30,6 +30,8 @@ > # /usr/share/common-licenses/AGPL-3; if not, see > # <http://www.gnu.org/licenses/>. > >+. /usr/share/univention-lib/base.sh >+ > cat << End > Possible Tests: > >@@ -119,8 +121,7 @@ > > user () # create a users/user object > { >- eval "$(ucr shell "groups/default/domainusers")" >- groups_default_domainusers = "${groups_default_domainusers:-Domain Users}" >+ groups_default_domainusers=$(custom_groupname "Domain Users") > univention-admin "$module" create --set username="$rand1" --set lastname="$rand2" --set password=univention --set unixhome="/home/$rand1" --set primaryGroup="cn=$groups_default_domainusers,cn=groups,$ldap_base" --position="cn=users,$ldap_base" > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=5721">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 33890
: 5721