[Freeipa-devel] [PATCH] compat ieee802Device entries for ipaHost entries
Nalin Dahyabhai
nalin at redhat.com
Mon Apr 16 20:39:18 UTC 2012
This bit of configuration creates a cn=computers area under cn=compat
which we populate with ieee802Device entries corresponding to any
ipaHost entries which have both fqdn and macAddress values.
Nalin
-------------- next part --------------
>From 7cffe5a5d62e54e1dc7c621df131f621e49c14f5 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin at dahyabhai.net>
Date: Mon, 16 Apr 2012 15:31:12 -0400
Subject: [PATCH 2/3] - create a "cn=computers" compat area populated with
ieee802Device entries corresponding to computers with
fqdn and macAddress attributes
---
install/share/schema_compat.uldif | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/install/share/schema_compat.uldif b/install/share/schema_compat.uldif
index f042edf..38bf678 100644
--- a/install/share/schema_compat.uldif
+++ b/install/share/schema_compat.uldif
@@ -92,6 +92,20 @@ add:schema-compat-entry-attribute: 'sudoRunAsGroup=%{ipaSudoRunAsExtGroup}'
add:schema-compat-entry-attribute: 'sudoRunAsGroup=%deref("ipaSudoRunAs","cn")'
add:schema-compat-entry-attribute: 'sudoOption=%{ipaSudoOpt}'
+dn: cn=computers, cn=Schema Compatibility, cn=plugins, cn=config
+default:objectClass: top
+default:objectClass: extensibleObject
+default:cn: computers
+default:schema-compat-container-group: cn=compat, $SUFFIX
+default:schema-compat-container-rdn: cn=computers
+default:schema-compat-search-base: cn=computers, cn=accounts, $SUFFIX
+default:schema-compat-search-filter: (&(macAddress=*)(fqdn=*)(objectClass=ipaHost))
+default:schema-compat-entry-rdn: 'cn=%first("%{fqdn}")'
+default:schema-compat-entry-attribute: objectclass=device
+default:schema-compat-entry-attribute: objectclass=ieee802Device
+default:schema-compat-entry-attribute: cn=%{fqdn}
+default:schema-compat-entry-attribute: macAddress=%{macAddress}
+
# Enable anonymous VLV browsing for Solaris
dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
only:aci: '(targetattr !="aci")(version 3.0; acl "VLV Request Control"; allow (read, search, compare, proxy) userdn = "ldap:///anyone"; )'
--
1.7.10
More information about the Freeipa-devel
mailing list