Hi,
sounds good!
I've created an upstream issue so we can continue the discussion there as needed.
https://github.com/389ds/389-ds-base/issues/4728
https://github.com/389ds/389-ds-base/issues/4728
Sincerely,
Simon
On Tue, Apr 20, 2021 at 2:45 AM William Brown <wbrown@xxxxxxx> wrote:
> On 19 Apr 2021, at 17:42, Jan Tomasek <jan@xxxxxxxxxx> wrote:
>
> Hi Mark,
>
> no that is not what I need.
>
> I need to prevent our personal department from creating users like 'root', 'sys', 'dev', ... and similar potentially problematic usernames for unix systems.
>
> Monday is much better than friday. Today, I clearly see that this is task for libattr-unique-plugin plugin. I'm going to create ou=Forbidden
> Users,dc=example,dc=com with all forbidden user entries. :)
That's a clever way to achieve it :)
But still, this should be do-able without having dummy accounts.
Simon: This could be a good option for learning how to make a Rust plugin?
>
> Best regards
> --
> -----------------------
> Jan Tomasek aka Semik
> http://www.tomasek.cz/
>
>
>
> On 16. 04. 21 20:19, Mark Reynolds wrote:
>> You can create aci's that restrict specific DN's from doing specific actions like ADD. Is that what you mean? If so, look at the
> Admin
>> guide for more information:
>> https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/managing_access_control
>> HTH,
>> Mark
>> On 4/16/21 10:49 AM, Jan Tomasek wrote:
>>> Hi,
>>>
>>> is there a way how to provide 389DS with list of forbidden uid to prevent creating such user? For example 'root', 'sys', ...
>>>
>>> Thanks
>>>
>>> _______________________________________________
>>> 389-users mailing list --389-users@xxxxxxxxxxxxxxxxxxxxxxx
>>> To unsubscribe send an email to389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
>>> Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>>> List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines
>>> List Archives:https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
>>> Do not reply to spam on the list, report it:https://pagure.io/fedora-infrastructure
>> --
>> 389 Directory Server Development Team
>
> _______________________________________________
> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure