Compare commits

..

1 Commits

Author SHA1 Message Date
0e223d0593 Recover 2.6 version of the patch 2021-01-20 14:05:01 +01:00
6 changed files with 116 additions and 213 deletions

View File

@ -1,50 +1,26 @@
--- distrib/slapd.conf 2019-06-04 11:18:04.000000000 +0200
+++ modif/slapd.conf 2021-01-12 11:06:19.496162295 +0100
@@ -23,11 +23,19 @@
+++ modif/slapd.conf 2020-03-24 09:10:44.724586266 +0100
@@ -23,6 +23,7 @@
%elif %%ldap_schema == 'zephir'
include /etc/ldap/schema/openldap.schema
%end if
+include /etc/ldap/schema/cadoles.schema
## Support du TLS
+%if %%cert_type == "manuel"
+TLSCertificateFile %%server_cert
+TLSCertificateKeyFile %%server_key
+TLSCACertificateFile %%server_pem
+%else
TLSCertificateFile /etc/ldap/ssl/certs/openldap.crt
TLSCertificateKeyFile /etc/ldap/ssl/private/openldap.key
TLSCACertificateFile /etc/ssl/certs/ca.crt
+%end if
+
TLSVerifyClient never
TLSCipherSuite SECURE256:+SIGN-ALL:-VERS-SSL3.0:!AES-128-CBC:!3DES-CBC:!DES-CBC:!ARCFOUR-128:!ARCFOUR-40:!RC2-40:!CAMELLIA-128-CBC:!NULL
@@ -46,6 +54,7 @@
@@ -46,6 +47,7 @@
%if %%ldap_replication == 'oui' or %%ldap_replication_client == 'oui'
moduleload syncprov
%end if
+moduleload memberof
# Sample security restrictions
# Require integrity protection (prevent hijacking)
@@ -80,6 +89,7 @@
# compatibilite EAD1 et appli PHP
allow bind_v2
+allow bind_anon_dn
database bdb
# The base of your directory
@@ -216,6 +226,10 @@
syncprov-sessionlog 100
%end if
+overlay memberof
+memberof-group-oc cadolesGroup
+memberof-member-ad cadolesMember
+
@@ -219,3 +221,7 @@
%if %%ldap_replication_client == 'oui'
include /etc/ldap/replication.conf
%end if
+
+overlay memberof
+memberof-group-oc cadolesGroup
+memberof-member-ad cadolesMember

View File

@ -1,96 +0,0 @@
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.1
schemaIdGuid:: BS9z8eJKvYZ+lS8OJgeC1g==
cn: cadolesPerson
name: cadolesPerson
lDAPDisplayName: cadolesPerson
description: Description Personne Cadoles
subClassOf: top
objectClassCategory: 3
mayContain: givensName
mayContain: usualname
mayContain: birthdate
mayContain: birthcountry
mayContain: birthplace
mayContain: gender
mayContain: job
mayContain: position
mayContain: belongingpopulation
mayContain: authlevel
defaultObjectCategory: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.2
schemaIdGuid:: 7pJbNueSjwpq7TsL2aiW1w==
cn: cadolesSiren
name: cadolesSiren
lDAPDisplayName: cadolesSiren
description: Siren
subClassOf: top
objectClassCategory: 3
mayContain: siren
mayContain: niveau01
defaultObjectCategory: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.3
schemaIdGuid:: BOOf/nwBuCFehtpsyYrLjA==
cn: cadolesSiret
name: cadolesSiret
lDAPDisplayName: cadolesSiret
description: Siret
subClassOf: top
objectClassCategory: 3
mayContain: siret
mayContain: postalAddress
mayContain: niveau02
defaultObjectCategory: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.4
schemaIdGuid:: IPc/rPzhpAjekHrvXgdI8w==
cn: cadolesGroup
name: cadolesGroup
lDAPDisplayName: cadolesGroup
description: Descirption Groupe Cadoles
subClassOf: top
objectClassCategory: 3
mayContain: cadolesMember
defaultObjectCategory: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}

View File

@ -297,3 +297,100 @@ description: Label Etablissement
attributeSyntax: 2.5.5.12
oMSyntax: 64
isSingleValued: TRUE
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.1
schemaIdGuid:: BS9z8eJKvYZ+lS8OJgeC1g==
cn: cadolesPerson
name: cadolesPerson
lDAPDisplayName: cadolesPerson
description: Description Personne Cadoles
subClassOf: top
objectClassCategory: 3
mayContain: givensName
mayContain: usualname
mayContain: birthdate
mayContain: birthcountry
mayContain: birthplace
mayContain: gender
mayContain: job
mayContain: position
mayContain: belongingpopulation
mayContain: authlevel
defaultObjectCategory: CN=cadolesPerson,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.2
schemaIdGuid:: 7pJbNueSjwpq7TsL2aiW1w==
cn: cadolesSiren
name: cadolesSiren
lDAPDisplayName: cadolesSiren
description: Siren
subClassOf: top
objectClassCategory: 3
mayContain: siren
mayContain: niveau01
defaultObjectCategory: CN=cadolesSiren,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.3
schemaIdGuid:: BOOf/nwBuCFehtpsyYrLjA==
cn: cadolesSiret
name: cadolesSiret
lDAPDisplayName: cadolesSiret
description: Siret
subClassOf: top
objectClassCategory: 3
mayContain: siret
mayContain: postalAddress
mayContain: niveau02
defaultObjectCategory: CN=cadolesSiret,CN=Schema,CN=Configuration,{DNCONFIG}
DN:
changeType: modify
add: schemaUpdateNow
schemaUpdateNow: 1
-
dn: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}
changeType: add
objectClass: top
objectClass: classSchema
governsID: 2.16.840.1.113732.3.1.4
schemaIdGuid:: IPc/rPzhpAjekHrvXgdI8w==
cn: cadolesGroup
name: cadolesGroup
lDAPDisplayName: cadolesGroup
description: Descirption Groupe Cadoles
subClassOf: top
objectClassCategory: 3
mayContain: cadolesMember
defaultObjectCategory: CN=cadolesGroup,CN=Schema,CN=Configuration,{DNCONFIG}

View File

@ -1,69 +0,0 @@
#!/bin/bash
#
# Initialisation of LDAP Directory
#
#
# Run command as particular user
#
function runAs() {
USER=${1}
shift
CMD="su ${USER} -s /bin/bash -c ${@}"
eval ${CMD}
return ${?}
}
function addLDAPschema()
{
LDIF="/etc/cadolesldap/init/cadolesldap.ldif"
USER="openldap"
CMD="\"slapadd -l ${LDIF} -f \"/etc/ldap/slapd.conf\"\""
service slapd stop
runAs ${USER} ${CMD}
result=$((result+${?}))
service slapd start
return ${result}
}
function addADSchema()
{
/usr/share/eole/sbin/cadoles_add_schema.sh
return ${?}
}
function main()
{
MODE=${1}
result=0
if [[ ${MODE} == "instance" ]]
then
if [[ $(CreoleGet eole_module) == "seth" ]]
then
addADSchema
return ${?}
else
addLDAPschema
return ${?}
fi
fi
}
if [[ $(CreoleGet eole_module eolebase) != "seth" ]]
then
exit 0
fi
if [[ $(CreoleGet activer_cadolesldap non) == "oui" ]]
then
main $@
exit ${?}
else
exit 0
fi

View File

@ -55,11 +55,6 @@ function main()
fi
}
if [[ $(CreoleGet eole_module eolebase) == "seth" ]]
then
exit 0
fi
if [[ $(CreoleGet activer_cadolesldap non) == "oui" ]]
then
main $@

View File

@ -33,23 +33,23 @@ RETURNED=$(ldbsearch --option="dsdb:schema update allowed"=true -H /var/lib/samb
if [ "$RETURNED" = "# returned 0 records" ]; then
# Import schema
SCHEMAS="cadoles.schema cadoles.schema-2"
SCHEMAS="cadoles.schema"
PRIVATE_DIR=/etc/eole/private
for schema in $SCHEMAS
do
updateSchemaDN "{DNCONFIG}" "${DN}" /etc/ldap/schema/eole/${schema}.ldif
if [[ $? -ne 0 ]]
then
updateSchemaDN "{DNCONFIG}" "${DN}" /etc/ldap/schema/eole/${schema}.ldif
if [[ $? -ne 0 ]]
then
echo "Error updating DN for ${schema}"
break
fi
ldbmodify -H /var/lib/samba/private/sam.ldb /etc/ldap/schema/eole/${schema}.ldif --option="dsdb:schema update allowed"=true
if [[ $? -ne 0 ]]
then
echo "Error updating Schema ${schema} !!"
break
fi
if [[ $? -ne 0 ]]
then
echo "Error updating Schema ${schema} !!"
break
fi
done
fi