Attachment #7127 for bug #29482

(-)a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (-2 / +2 lines)

Lines 11-19 else:	Link Here

groups_default_domainadmins = custom_groupname('Domain Admins')

groups_default_domainadmins = custom_groupname('Domain Admins')

users_default_administrator = custom_username('Administrator')

users_default_administrator = custom_username('Administrator')

print 'sasl-regexp'

print 'authz-regexp'

print '    uid=([^,]*),cn=(gssapi|saml),cn=auth'

print '    uid=([^,]*),cn=(gssapi|saml),cn=auth'

print '    ldap://0.0.0.0:%s/"%s"??sub?uid=$1' % (ldap_port, ldap_base)

print '    ldap:///%s??sub?uid=$1' % (ldap_base,)

print

print

print 'access to attrs=userPassword'

print 'access to attrs=userPassword'

(-)a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (-2 / +5 lines)

Lines 1-6	Link Here

sasl-regexp

authz-regexp

    uid=([^,]*),cn=(gssapi|saml),cn=auth

    uid=([^,]*),cn=(gssapi|saml),cn=auth

    ldap:///"@%@ldap/base@%@"??sub?uid=$1

    ldap:///@%@ldap/base@%@??sub?uid=$1

# allow authentication

# allow authentication

access to attrs=userPassword

access to attrs=userPassword

Lines 31-36 if baseConfig.is_false('ldap/acl/read/anonymous'):	Link Here

else:

else:

	print '   by * read'

	print '   by * read'

print

print

if configRegistry.is_false('ldap/acl/read/anonymous'):

	print 'access to attrs=entry,uid'

	print '   by anonymous auth'

if configRegistry.get('ldap/replog', '').lower() in ('true', 'yes'):

if configRegistry.get('ldap/replog', '').lower() in ('true', 'yes'):

	print "replogfile /var/lib/univention-ldap/replog/replog"

	print "replogfile /var/lib/univention-ldap/replog/replog"

(-)a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (+4 lines)

Lines 179-184 if configRegistry.is_false('ldap/acl/read/anonymous'):	Link Here

179

else:

179

else:

180

	print '   by * read'

180

	print '   by * read'

181

182

if configRegistry.is_false('ldap/acl/read/anonymous'):

183

	print 'access to attrs=entry,uid'

184

	print '   by anonymous auth'

185

182

if configRegistry.is_true('ldap/replog', False):

186

if configRegistry.is_true('ldap/replog', False):

183

	print "replogfile /var/lib/univention-ldap/replog/replog"

187

	print "replogfile /var/lib/univention-ldap/replog/replog"

184

@!@

188

@!@

Return to bug 29482