author | Michael Scherer <misc@mageia.org> | 2012-01-21 22:09:35 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-01-21 22:09:35 +0000 |
commit | cef8ef60e96d84890311c2a76fc0422795db1938 (patch) | |
tree | f2ec599df1d74db7d8f449a49077cf0b085c7447 /modules/openldap | |
parent | a4cc319ca0a64b1b20bb0eac450e4421aff0624b (diff) | |
force some constraint on ssh key in ldap, since several packagers did not
correctly put their keys today
Diffstat (limited to 'modules/openldap')
-rw-r--r-- | modules/openldap/templates/slapd.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/modules/openldap/templates/slapd.conf b/modules/openldap/templates/slapd.conf index ac67b714..6ae637c2 100644 --- a/modules/openldap/templates/slapd.conf +++ b/modules/openldap/templates/slapd.conf @@ -37,6 +37,7 @@ moduleload ppolicy.la moduleload memberof.la moduleload unique.la moduleload dynlist.la +moduleload constraint.la TLSCertificateFile /etc/ssl/openldap/ldap.<%= domain %>.pem TLSCertificateKeyFile /etc/ssl/openldap/ldap.<%= domain %>.pem @@ -101,6 +102,9 @@ unique_uri ldap:///?mail?sub? overlay dynlist dynlist-attrset groupOfURLs memberURL member +overlay constraint +constraint_attribute sshPublicKey regex ^ssh-[rd]sa [[:graph:]]+ [[:graph:]]+$ + # uncomment if you want to automatically update group # memberships when an user is removed from the tree # Also uncomment the refint.la moduleload above |
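Review bot: The key-type class in the constraint_attribute regex, ssh-[rd]sa, matches ssh-rsa and the literal string ssh-dsa, but OpenSSH writes DSA public keys with the type string ssh-dss, so DSA keys will fail this constraint. If DSA keys are meant to be accepted, use an alternation such as ^ssh-(rsa|dss) instead; if only RSA is intended, write ^ssh-rsa so the intent is explicit. The pattern also requires a third [[:graph:]]+ field, so a key stored without a comment, or with a comment that contains a space, is rejected as well; making the trailing field optional would avoid refusing otherwise valid keys. A comment line above the directive stating the accepted format would help whoever edits this template next.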