ansible-roles/ldap/templates/config_ldapvi.j2

{# Change record for the olcDatabase={1}mdb entry under cn=config: sets the
   database suffix, the rootDN and its password, and four ordered olcAccess
   rules. Presumably applied with ldapvi, going by the template's filename.
   Every comment here closes with a minus sign before the end marker so that
   no blank line is rendered; a blank line inside the record could be read as
   a record separator. -#}
modify: olcDatabase={1}mdb,cn=config
olcSuffix: {{ ldap_suffix }}
olcRootDN: cn=admin,{{ ldap_suffix }}
{# The value is the stdout of a registered result named
   ldap_admin_password_ssha; presumably a slappasswd-style SSHA hash, which the
   name suggests but this file does not show.
   NOTE(review): confirm the task that registers it sets no_log, and that the
   rendered file is written with restrictive permissions and removed after
   use. SSHA is a fast salted SHA-1 scheme, so the hash should be handled as
   carefully as the password itself. -#}
olcRootPW: {{ ldap_admin_password_ssha.stdout }}
{# Rule 0: the local uid 0 / gid 0 identity authenticated over peercred
   (SASL EXTERNAL) gets manage on everything; "by * break" sends every other
   identity on to the rules below. -#}
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
{# Rule 1: userPassword is writable by the entry itself, by cn=admin and by
   cn=perl,ou=ldapusers. Anonymous gets auth only (enough to bind, not to
   read) and everyone else gets nothing.
   NOTE(review): cn=perl can reset any entry's password, so its credential
   carries the same weight as the admin's for account takeover. -#}
olcAccess: {1}to attrs=userPassword by self write by anonymous auth by dn="cn=admin,{{ ldap_suffix }}" write by dn="cn=perl,ou=ldapusers,{{ ldap_suffix }}" write by * none
{# Rule 2: shadowLastChange is writable by self, cn=admin and cn=perl, and
   readable by everyone else. -#}
olcAccess: {2}to attrs=shadowLastChange by self write by dn="cn=admin,{{ ldap_suffix }}" write by dn="cn=perl,ou=ldapusers,{{ ldap_suffix }}" write by * read
{# Rule 3: catch-all for every attribute not matched above.
   NOTE(review): "by self write" lets an entry change any of its own remaining
   attributes. If entries carry posixAccount data (not visible here), that
   includes uidNumber, gidNumber and homeDirectory; consider limiting self
   write to an explicit attribute list.
   NOTE(review): "by * read" also matches anonymous binds, so the whole tree
   except userPassword is readable without authentication. If that is not
   intended, "by users read" limits it to authenticated identities. -#}
olcAccess: {3}to * by self write by dn="cn=admin,{{ ldap_suffix }}" write by dn="cn=perl,ou=ldapusers,{{ ldap_suffix }}" write by * read