Summary: Configure Pass Thru Auth https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244749 Adding ACIs to allow the Admin CGIs and Console to access the server info. ------- Additional Comments From nhosoi@xxxxxxxxxx 2007-06-20 17:23 EST ------- Created an attachment (id=157497) --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=157497&action=view) cvs diffs Modified Files: ldapserver/ldap/admin/src/scripts/Util.pm.in adminserver/admserv/schema/ldif/00nsroot_backend.ldif.tmpl 01nsroot.ldif.tmpl 20asdata.ldif.tmpl New Files: adminserver/admserv/schema/ldif/12dsconfig.mod.tmpl 13dsschema.mod.tmpl Description: 1) updated check_and_add_entry to support ldifmodify format. plus added minor fixes for comparing entries 2) adding ACIs to o=netscaperoot, cn=config, and cn=schema to allow the Admin CGIs/Console to access the server configuration info. Note: it still gives the access right to the SIE Group on o=netscaperoot, cn=config, and cn=schema: aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";) Can we just remove the ACI? Could it occur any problems to the Admin CGIs/Console?
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
