Attachment #5534 for bug #29482

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (-2 / +2 lines)

Lines 6-14 if baseConfig['ldap/server/type']=="master":	Link Here

else:

else:

	usr="read"

	usr="read"

print 'sasl-regexp'

print 'authz-regexp'

print '    uid=(.*),cn=gssapi,cn=auth'

print '    uid=(.*),cn=gssapi,cn=auth'

print '    ldap://0.0.0.0:%s/"%s"??sub?uid=$1' % (ldap_port, ldap_base)

print '    ldap:///%s??sub?uid=$1' % (ldap_base,)

print

print

print 'access to attrs=userPassword'

print 'access to attrs=userPassword'

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (-2 / +2 lines)

Lines 1-6	Link Here

sasl-regexp

authz-regexp

    uid=(.*),cn=gssapi,cn=auth

    uid=(.*),cn=gssapi,cn=auth

    ldap:///"@%@ldap/base@%@"??sub?uid=$1

    ldap:///@%@ldap/base@%@??sub?uid=$1

# allow authentication

# allow authentication

access to attrs=userPassword

access to attrs=userPassword

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (+1 lines)

Lines 148-153 if configRegistry.is_false('ldap/acl/read/anonymous'):	Link Here

148

	if ldap_acl_read_anonymous_ips:

148

	if ldap_acl_read_anonymous_ips:

149

		for ip in ldap_acl_read_anonymous_ips.split(','):

149

		for ip in ldap_acl_read_anonymous_ips.split(','):

150

			print '   by peername.ip=%s read' % ip

150

			print '   by peername.ip=%s read' % ip

151

	print '   by anonymous auth'

151

else:

152

else:

152

	print '   by * read'

153

	print '   by * read'

153

154

Return to bug 29482