Compare commits
1 Commits
master
...
2.6.2/mast
Author | SHA1 | Date | |
---|---|---|---|
0e223d0593 |
@ -1,50 +1,26 @@
|
||||
--- distrib/slapd.conf 2019-06-04 11:18:04.000000000 +0200
|
||||
+++ modif/slapd.conf 2021-01-12 11:06:19.496162295 +0100
|
||||
@@ -23,11 +23,19 @@
|
||||
+++ modif/slapd.conf 2020-03-24 09:10:44.724586266 +0100
|
||||
@@ -23,6 +23,7 @@
|
||||
%elif %%ldap_schema == 'zephir'
|
||||
include /etc/ldap/schema/openldap.schema
|
||||
%end if
|
||||
+include /etc/ldap/schema/cadoles.schema
|
||||
|
||||
|
||||
## Support du TLS
|
||||
+%if %%cert_type == "manuel"
|
||||
+TLSCertificateFile %%server_cert
|
||||
+TLSCertificateKeyFile %%server_key
|
||||
+TLSCACertificateFile %%server_pem
|
||||
+%else
|
||||
TLSCertificateFile /etc/ldap/ssl/certs/openldap.crt
|
||||
TLSCertificateKeyFile /etc/ldap/ssl/private/openldap.key
|
||||
TLSCACertificateFile /etc/ssl/certs/ca.crt
|
||||
+%end if
|
||||
+
|
||||
TLSVerifyClient never
|
||||
TLSCipherSuite SECURE256:+SIGN-ALL:-VERS-SSL3.0:!AES-128-CBC:!3DES-CBC:!DES-CBC:!ARCFOUR-128:!ARCFOUR-40:!RC2-40:!CAMELLIA-128-CBC:!NULL
|
||||
|
||||
@@ -46,6 +54,7 @@
|
||||
@@ -46,6 +47,7 @@
|
||||
%if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui'
|
||||
moduleload syncprov
|
||||
%end if
|
||||
+moduleload memberof
|
||||
|
||||
|
||||
# Sample security restrictions
|
||||
# Require integrity protection (prevent hijacking)
|
||||
@@ -80,6 +89,7 @@
|
||||
|
||||
# compatibilite EAD1 et appli PHP
|
||||
allow bind_v2
|
||||
+allow bind_anon_dn
|
||||
|
||||
database bdb
|
||||
# The base of your directory
|
||||
@@ -216,6 +226,10 @@
|
||||
syncprov-sessionlog 100
|
||||
%end if
|
||||
|
||||
+overlay memberof
|
||||
+memberof-group-oc cadolesGroup
|
||||
+memberof-member-ad cadolesMember
|
||||
+
|
||||
@@ -219,3 +221,7 @@
|
||||
%if %%ldap_replication_client == 'oui'
|
||||
include /etc/ldap/replication.conf
|
||||
%end if
|
||||
|
||||
+
|
||||
+overlay memberof
|
||||
+memberof-group-oc cadolesGroup
|
||||
+memberof-member-ad cadolesMember
|
||||
|
@ -1,96 +0,0 @@
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.1
|
||||
schemaIdGuid:: BS9z8eJKvYZ+lS8OJgeC1g==
|
||||
cn: cadolesPerson
|
||||
name: cadolesPerson
|
||||
lDAPDisplayName: cadolesPerson
|
||||
description: Description Personne Cadoles
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: givensName
|
||||
mayContain: usualname
|
||||
mayContain: birthdate
|
||||
mayContain: birthcountry
|
||||
mayContain: birthplace
|
||||
mayContain: gender
|
||||
mayContain: job
|
||||
mayContain: position
|
||||
mayContain: belongingpopulation
|
||||
mayContain: authlevel
|
||||
defaultObjectCategory: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.2
|
||||
schemaIdGuid:: 7pJbNueSjwpq7TsL2aiW1w==
|
||||
cn: cadolesSiren
|
||||
name: cadolesSiren
|
||||
lDAPDisplayName: cadolesSiren
|
||||
description: Siren
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: siren
|
||||
mayContain: niveau01
|
||||
defaultObjectCategory: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.3
|
||||
schemaIdGuid:: BOOf/nwBuCFehtpsyYrLjA==
|
||||
cn: cadolesSiret
|
||||
name: cadolesSiret
|
||||
lDAPDisplayName: cadolesSiret
|
||||
description: Siret
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: siret
|
||||
mayContain: postalAddress
|
||||
mayContain: niveau02
|
||||
defaultObjectCategory: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.4
|
||||
schemaIdGuid:: IPc/rPzhpAjekHrvXgdI8w==
|
||||
cn: cadolesGroup
|
||||
name: cadolesGroup
|
||||
lDAPDisplayName: cadolesGroup
|
||||
description: Descirption Groupe Cadoles
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: cadolesMember
|
||||
defaultObjectCategory: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
@ -297,3 +297,100 @@ description: Label Etablissement
|
||||
attributeSyntax: 2.5.5.12
|
||||
oMSyntax: 64
|
||||
isSingleValued: TRUE
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.1
|
||||
schemaIdGuid:: BS9z8eJKvYZ+lS8OJgeC1g==
|
||||
cn: cadolesPerson
|
||||
name: cadolesPerson
|
||||
lDAPDisplayName: cadolesPerson
|
||||
description: Description Personne Cadoles
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: givensName
|
||||
mayContain: usualname
|
||||
mayContain: birthdate
|
||||
mayContain: birthcountry
|
||||
mayContain: birthplace
|
||||
mayContain: gender
|
||||
mayContain: job
|
||||
mayContain: position
|
||||
mayContain: belongingpopulation
|
||||
mayContain: authlevel
|
||||
defaultObjectCategory: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.2
|
||||
schemaIdGuid:: 7pJbNueSjwpq7TsL2aiW1w==
|
||||
cn: cadolesSiren
|
||||
name: cadolesSiren
|
||||
lDAPDisplayName: cadolesSiren
|
||||
description: Siren
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: siren
|
||||
mayContain: niveau01
|
||||
defaultObjectCategory: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.3
|
||||
schemaIdGuid:: BOOf/nwBuCFehtpsyYrLjA==
|
||||
cn: cadolesSiret
|
||||
name: cadolesSiret
|
||||
lDAPDisplayName: cadolesSiret
|
||||
description: Siret
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: siret
|
||||
mayContain: postalAddress
|
||||
mayContain: niveau02
|
||||
defaultObjectCategory: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
DN:
|
||||
changeType: modify
|
||||
add: schemaUpdateNow
|
||||
schemaUpdateNow: 1
|
||||
-
|
||||
|
||||
dn: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
changeType: add
|
||||
objectClass: top
|
||||
objectClass: classSchema
|
||||
governsID: 2.16.840.1.113732.3.1.4
|
||||
schemaIdGuid:: IPc/rPzhpAjekHrvXgdI8w==
|
||||
cn: cadolesGroup
|
||||
name: cadolesGroup
|
||||
lDAPDisplayName: cadolesGroup
|
||||
description: Descirption Groupe Cadoles
|
||||
subClassOf: top
|
||||
objectClassCategory: 3
|
||||
mayContain: cadolesMember
|
||||
defaultObjectCategory: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
|
||||
|
||||
|
@ -1,69 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# Initialisation of LDAP Directory
|
||||
#
|
||||
|
||||
|
||||
#
|
||||
# Run command as particular user
|
||||
#
|
||||
function runAs() {
|
||||
USER=${1}
|
||||
shift
|
||||
CMD="su ${USER} -s /bin/bash -c ${@}"
|
||||
|
||||
eval ${CMD}
|
||||
return ${?}
|
||||
}
|
||||
|
||||
function addLDAPschema()
|
||||
{
|
||||
LDIF="/etc/cadolesldap/init/cadolesldap.ldif"
|
||||
USER="openldap"
|
||||
CMD="\"slapadd -l ${LDIF} -f \"/etc/ldap/slapd.conf\"\""
|
||||
|
||||
service slapd stop
|
||||
runAs ${USER} ${CMD}
|
||||
result=$((result+${?}))
|
||||
service slapd start
|
||||
return ${result}
|
||||
}
|
||||
|
||||
function addADSchema()
|
||||
{
|
||||
/usr/share/eole/sbin/cadoles_add_schema.sh
|
||||
return ${?}
|
||||
}
|
||||
|
||||
function main()
|
||||
{
|
||||
MODE=${1}
|
||||
result=0
|
||||
|
||||
|
||||
if [[ ${MODE} == "instance" ]]
|
||||
then
|
||||
if [[ $(CreoleGet eole_module) == "seth" ]]
|
||||
then
|
||||
addADSchema
|
||||
return ${?}
|
||||
else
|
||||
addLDAPschema
|
||||
return ${?}
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ $(CreoleGet eole_module eolebase) != "seth" ]]
|
||||
then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ $(CreoleGet activer_cadolesldap non) == "oui" ]]
|
||||
then
|
||||
main $@
|
||||
exit ${?}
|
||||
else
|
||||
exit 0
|
||||
fi
|
@ -55,11 +55,6 @@ function main()
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ $(CreoleGet eole_module eolebase) == "seth" ]]
|
||||
then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ $(CreoleGet activer_cadolesldap non) == "oui" ]]
|
||||
then
|
||||
main $@
|
||||
|
@ -33,23 +33,23 @@ RETURNED=$(ldbsearch --option="dsdb:schema update allowed"=true -H /var/lib/samb
|
||||
|
||||
if [ "$RETURNED" = "# returned 0 records" ]; then
|
||||
# Import schema
|
||||
SCHEMAS="cadoles.schema cadoles.schema-2"
|
||||
SCHEMAS="cadoles.schema"
|
||||
PRIVATE_DIR=/etc/eole/private
|
||||
|
||||
for schema in $SCHEMAS
|
||||
do
|
||||
updateSchemaDN "{DNCONFIG}" "${DN}" /etc/ldap/schema/eole/${schema}.ldif
|
||||
if [[ $? -ne 0 ]]
|
||||
then
|
||||
updateSchemaDN "{DNCONFIG}" "${DN}" /etc/ldap/schema/eole/${schema}.ldif
|
||||
if [[ $? -ne 0 ]]
|
||||
then
|
||||
echo "Error updating DN for ${schema}"
|
||||
break
|
||||
fi
|
||||
ldbmodify -H /var/lib/samba/private/sam.ldb /etc/ldap/schema/eole/${schema}.ldif --option="dsdb:schema update allowed"=true
|
||||
if [[ $? -ne 0 ]]
|
||||
then
|
||||
echo "Error updating Schema ${schema} !!"
|
||||
break
|
||||
fi
|
||||
if [[ $? -ne 0 ]]
|
||||
then
|
||||
echo "Error updating Schema ${schema} !!"
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user