aboutsummaryrefslogtreecommitdiff
path: root/files/usr/local/etc/openldap
diff options
context:
space:
mode:
Diffstat (limited to 'files/usr/local/etc/openldap')
-rw-r--r--files/usr/local/etc/openldap/ldap.conf.idm_server2
-rw-r--r--files/usr/local/etc/openldap/slapd.ldif.idm_server4
2 files changed, 3 insertions, 3 deletions
diff --git a/files/usr/local/etc/openldap/ldap.conf.idm_server b/files/usr/local/etc/openldap/ldap.conf.idm_server
index 3b285f7..a3e18f2 100644
--- a/files/usr/local/etc/openldap/ldap.conf.idm_server
+++ b/files/usr/local/etc/openldap/ldap.conf.idm_server
@@ -1,4 +1,4 @@
-URI ldapi:///
+URI ${slapd_ldapi_uri}
BASE ${basedn}
USE_SASL yes
ROOTUSE_SASL yes
diff --git a/files/usr/local/etc/openldap/slapd.ldif.idm_server b/files/usr/local/etc/openldap/slapd.ldif.idm_server
index 784c63a..9dc0086 100644
--- a/files/usr/local/etc/openldap/slapd.ldif.idm_server
+++ b/files/usr/local/etc/openldap/slapd.ldif.idm_server
@@ -119,8 +119,8 @@ olcAccess: {1}to dn.base="cn=Subschema"
by * read
olcAccess: {3}to *
by dn.exact=${slapd_replicator_dn} read
- by dn.exact=uid=${idm_admin_username},${robots_basedn} manage
- by group/groupOfMembers/member=cn=${idm_admin_groupname},${groups_basedn} manage
+ by dn.exact=krbPrincipalName=${boxconf_username},${robots_basedn} manage
+ by set="[cn=${slapd_admin_role},${roles_basedn}]/member* & user" manage
by * break
olcAccess: {4}to dn.subtree=${sudo_basedn}
by dn.children=${hosts_basedn} read
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-30 16:49:00 -0500