Changes between Version 22 and Version 23 of ldap

Timestamp:

Nov 30, 2016, 7:40:13 AM (8 years ago)

Author:

admin

Comment:

--

ldap

@@ -358 +358 @@
 {{{
 # group, 'your domain'.ws.learn.ac.lk
-dn: ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-description: learn groups
-objectClass: top
-objectClass: organizationalUnit
-ou: group
+dn:ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+description:learn groups
+objectClass:top
+objectClass:organizationalUnit
+ou:group
 # adm staf, group, 'your domain'.ws.learn.ac.lk
-dn: cn=adm,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: adm
-description: System Admin Staff
-gidNumber: 1000
-objectClass: posixGroup
-objectClass: top
+dn:cn=adm,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+cn:adm
+description:System Admin Staff
+gidNumber:1000
+objectClass:posixGroup
+objectClass:top
 
 # acadamic staf, group, 'your domain'.ws.learn.ac.lk
-dn: cn=acd,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: acd
-description: Acadamic Staff
-gidNumber: 2000
-objectClass: posixGroup
-objectClass: top
+dn:cn=acd,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+cn:acd
+description:Acadamic Staff
+gidNumber:2000
+objectClass:posixGroup
+objectClass:top
 
 # students, group, 'your domain'.ws.learn.ac.lk
-dn: cn=std,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: std
-description: Students
-gidNumber: 5000
-objectClass: posixGroup
-objectClass: top
+dn:cn=std,ou=group,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+cn:std
+description:Students
+gidNumber:5000
+objectClass:posixGroup
+objectClass:top
 
 # servers, 'your domain'.ws.learn.ac.lk
-dn: ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-description: servers
-objectClass: top
-objectClass: organizationalUnit
-ou: servers
+dn:ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+description:servers
+objectClass:top
+objectClass:organizationalUnit
+ou:servers
 
 # idp, servers, 'your domain'.ws.learn.ac.lk
-dn: cn=idp,ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: idp
-description: Identity Server
-ipHostNumber: 192.248.6.XX
-objectClass: top
-objectClass: device
-objectClass: ipHost
-objectClass: simpleSecurityObject
-userPassword: {crypt}idpldap
-
-# www, servers, 'your domain'.ws.learn.ac.lk
-dn: cn=www,ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: irs
-description: IRS Server
-ipHostNumber: 192.248.6.XX
-objectClass: top
-objectClass: device
-objectClass: ipHost
-objectClass: simpleSecurityObject
-userPassword: {crypt}wwwsvr
+dn:cn=idp,ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+cn:idp
+description:Identity Server
+ipHostNumber:192.248.6.XX
+objectClass:top
+objectClass:device
+objectClass:ipHost
+objectClass:simpleSecurityObject
+userPassword:{crypt}idpldap
 
 # people, 'your domain'.ws.learnac.lk
-dn: ou=people,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-description: inst users
-objectClass: top
-objectClass: organizationalUnit
-ou: people
+dn:ou=people,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+description:inst users
+objectClass:top
+objectClass:organizationalUnit
+ou:people
 
 # testme, people, 'your domain'.ws.learn.ac.lk
-dn: uid=testme,ou=people,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
-cn: Test Me
-departmentNumber: LEARN
-employeeNumber: 02
-employeeType: Test Account
-facsimileTelephoneNumber: 081 2003032
-gecos: Test Me
-gidNumber: 1000
-givenName: Test Me
-homeDirectory: /home/testme
-homePhone: none
-homePostalAddress: none
-initials: T M
-jpegPhoto: none
-labeledURI: none
-loginShell: /usr/local/bin/bash
-mobile: none
-objectClass: person
-objectClass: organizationalPerson
-objectClass: inetOrgPerson
-objectClass: posixAccount
-objectClass: top
-objectClass: shadowAccount
-shadowExpire: 14940
-shadowFlag: 134538484
-shadowInactive: 0
-shadowLastChange: 14483
-shadowMax: 13100
-shadowMin: 0
-shadowWarning: 7
-sn: Test
-telephoneNumber: 3032
-uid: testme
-uidNumber: 1001
-userPassword: testme
+dn:uid=testme,ou=people,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk
+cn:Test Me
+departmentNumber:LEARN
+employeeNumber:02
+employeeType:Test Account
+facsimileTelephoneNumber:081 2003032
+gecos:Test Me
+gidNumber:1000
+givenName:Test Me
+homeDirectory:/home/testme
+homePhone:none
+homePostalAddress:none
+initials:T M
+jpegPhoto:none
+labeledURI:none
+loginShell:/usr/local/bin/bash
+mobile:none
+objectClass:person
+objectClass:organizationalPerson
+objectClass:inetOrgPerson
+objectClass:posixAccount
+objectClass:top
+objectClass:shadowAccount
+shadowExpire:14940
+shadowFlag:134538484
+shadowInactive:0
+shadowLastChange:14483
+shadowMax:13100
+shadowMin:0
+shadowWarning:7
+sn:Test
+telephoneNumber:3032
+uid:testme
+uidNumber:1001
+userPassword:testme
 }}}
 Note that user passwords are not encrypted (in clear text format).
@@ -490 +479 @@
 Create new file named acc1.ldif with following modification to ACLs. This will provide your irs to read users passwords.
 {{{
-dn: olcDatabase={1}hdb,cn=config
-changetype: modify
-replace: olcAccess
-olcAccess: {0}to attrs=userPassword by self write by anonymous auth by dn.children="ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk" read by * none
-olcAccess: {1}to attrs=shadowLastChange by self write by * read
-olcAccess: {2}to * by * read
+dn:olcDatabase={1}hdb,cn=config
+changetype:modify
+replace:olcAccess
+olcAccess:{0}to attrs=userPassword by self write by anonymous auth by dn.children="ou=servers,dc='your domain'dc=ws,dc=learn,dc=ac,dc=lk" read by * none
+olcAccess:{1}to attrs=shadowLastChange by self write by * read
+olcAccess:{2}to * by * read
 }}}