Revision
575
Author
misc
Date
2010-12-10 21:17:41 +0100 (Fri, 10 Dec 2010)

Log Message

allow users to read memberof, and use overlay to keep the changes in sync

Modified Paths

Modified: puppet/modules/openldap/templates/mandriva-dit-access.conf
===================================================================
--- puppet/modules/openldap/templates/mandriva-dit-access.conf	2010-12-10 20:17:40 UTC (rev 574)
+++ puppet/modules/openldap/templates/mandriva-dit-access.conf	2010-12-10 20:17:41 UTC (rev 575)
@@ -113,7 +113,7 @@
 
 # let the user change some of his/her attributes
 access to dn.subtree="ou=People,<%= dc_suffix %>"
-	attrs=carLicense,homePhone,homePostalAddress,mobile,pager,telephoneNumber,mail,preferredLanguage,sshPublicKey
+	attrs=carLicense,homePhone,homePostalAddress,mobile,pager,telephoneNumber,mail,preferredLanguage,sshPublicKey,memberOf
 	by self write
 	by users read
 

Modified: puppet/modules/openldap/templates/slapd.conf
===================================================================
--- puppet/modules/openldap/templates/slapd.conf	2010-12-10 20:17:40 UTC (rev 574)
+++ puppet/modules/openldap/templates/slapd.conf	2010-12-10 20:17:41 UTC (rev 575)
@@ -31,6 +31,7 @@
 moduleload	syncprov.la
 moduleload	ppolicy.la
 #moduleload	refint.la
+moduleload  memberof.la
 
 TLSCertificateFile      /etc/ssl/openldap/ldap.pem
 TLSCertificateKeyFile   /etc/ssl/openldap/ldap.pem
@@ -72,6 +73,8 @@
 index	entryCSN,entryUUID				eq
 index	dhcpHWAddress,dhcpClassData			eq
 
+overlay memberof
+
 overlay syncprov
 syncprov-checkpoint 100 10
 syncprov-sessionlog 100