[Freeipa-devel] expanding the LDAP tree
Pete Rowley
prowley at redhat.com
Wed Nov 7 21:28:10 UTC 2007
John Dennis wrote:
> I would like to add a new branch to our LDAP tree to store radius
> configuration information and I thought I would sanity check where I
> expect it belongs and how to add it. Yes/No/Comments welcome.
>
> I think the appropriate place is just under the suffix in a node
> called 'services' then each service can add their name below it and
> their data below that. For example:
>
> dn: cn=radius,cn=services,$SUFFIX
> dn: cn=clients,cn=radius,cn=services,$SUFFIX
>
ok
> Sound reasonable?
>
> I also presume bootstrap-template.ldif is the place to create these,
> right?
>
right
> I also presume we would want to set an Admin Write ACL on
> cn=services,$SUFFIX and Read ACS on each of it's children limited to
> the service and admin.
>
Sounds good.
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071107/f807f27c/attachment.bin>
More information about the Freeipa-devel
mailing list