Univention Bugzilla – Attachment 7127 Details for
Bug 29482
Berechtigungen via GSSAPI
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
29482.patch (text/plain), 2.61 KB, created by
Florian Best
on 2015-08-21 15:48 CEST
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Florian Best
Created:
2015-08-21 15:48 CEST
Size:
2.61 KB
patch
obsolete
>diff --git a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >index 6742cab..ad5ab06 100644 >--- a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >+++ b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >@@ -11,9 +11,9 @@ else: > groups_default_domainadmins = custom_groupname('Domain Admins') > users_default_administrator = custom_username('Administrator') > >-print 'sasl-regexp' >+print 'authz-regexp' > print ' uid=([^,]*),cn=(gssapi|saml),cn=auth' >-print ' ldap://0.0.0.0:%s/"%s"??sub?uid=$1' % (ldap_port, ldap_base) >+print ' ldap:///%s??sub?uid=$1' % (ldap_base,) > print > > print 'access to attrs=userPassword' >diff --git a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >index 4082cce..2ffd2d0 100644 >--- a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >+++ b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >@@ -1,6 +1,6 @@ >-sasl-regexp >+authz-regexp > uid=([^,]*),cn=(gssapi|saml),cn=auth >- ldap:///"@%@ldap/base@%@"??sub?uid=$1 >+ ldap:///@%@ldap/base@%@??sub?uid=$1 > > # allow authentication > access to attrs=userPassword >@@ -31,6 +31,9 @@ if baseConfig.is_false('ldap/acl/read/anonymous'): > else: > print ' by * read' > print >+if configRegistry.is_false('ldap/acl/read/anonymous'): >+ print 'access to attrs=entry,uid' >+ print ' by anonymous auth' > > if configRegistry.get('ldap/replog', '').lower() in ('true', 'yes'): > print "replogfile /var/lib/univention-ldap/replog/replog" >diff --git a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end >index 26221f0..08feb25 100644 >--- a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end >+++ b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end >@@ -179,6 +179,10 @@ if configRegistry.is_false('ldap/acl/read/anonymous'): > else: > print ' by * read' > >+if configRegistry.is_false('ldap/acl/read/anonymous'): >+ print 'access to attrs=entry,uid' >+ print ' by anonymous auth' >+ > if configRegistry.is_true('ldap/replog', False): > print "replogfile /var/lib/univention-ldap/replog/replog" > @!@
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
Actions:
View
|
Diff
Attachments on
bug 29482
:
5534
| 7127