|
32 |
|
32 |
|
33 |
## joinscript api: bindpwdfile |
33 |
## joinscript api: bindpwdfile |
34 |
|
34 |
|
35 |
VERSION=5 |
35 |
VERSION=6 |
36 |
. /usr/share/univention-join/joinscripthelper.lib |
36 |
. /usr/share/univention-join/joinscripthelper.lib |
37 |
joinscript_init |
37 |
joinscript_init |
38 |
|
38 |
|
Lines 248-259
if [ "$server_role" = "domaincontroller_master" ]; then
|
Link Here
|
---|
|
248 |
objectClass: pwdPolicy |
248 |
objectClass: pwdPolicy |
249 |
cn: default |
249 |
cn: default |
250 |
pwdAttribute: 2.5.4.35 |
250 |
pwdAttribute: 2.5.4.35 |
251 |
pwdAllowUserChange: FALSE |
251 |
pwdAllowUserChange: TRUE |
252 |
pwdLockout: TRUE |
252 |
pwdLockout: TRUE |
253 |
pwdMaxFailure: 5 |
253 |
pwdMaxFailure: 5 |
254 |
pwdFailureCountInterval: 900 |
254 |
pwdFailureCountInterval: 900 |
255 |
%EOR |
255 |
%EOR |
256 |
fi |
256 |
fi |
|
|
257 |
if [ $JS_LAST_EXECUTED_VERSION -lt 6 ]; then |
258 |
ldapmodify -D "cn=admin,$ldap_base" -y /etc/ldap.secret <<-%EOR |
259 |
dn: cn=default,cn=ppolicy,cn=univention,$ldap_base |
260 |
changetype: modify |
261 |
replace: pwdAllowUserChange |
262 |
pwdAllowUserChange: TRUE |
263 |
%EOR |
264 |
fi |
257 |
fi |
265 |
fi |
258 |
|
266 |
|
259 |
# Create kerberos principal for ldap/hostname.domainname |
267 |
# Create kerberos principal for ldap/hostname.domainname |