Adding schema/10-root-aci.ldif

author Frank Brehm <frank.brehm@pixelpark.com>

Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)

committer Frank Brehm <frank.brehm@pixelpark.com>

Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)
author Frank Brehm <frank.brehm@pixelpark.com>
Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)
committer Frank Brehm <frank.brehm@pixelpark.com>
Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)
diff --git a/schema/10-root-aci.ldif b/schema/10-root-aci.ldif

new file mode 100644 (file)

index 0000000..546fdc7
--- /dev/null
+++ b/schema/10-root-aci.ldif
@@ -0,0 +1,6 @@
+dn: o=isp
+changetype: modify
+add: aci
+aci: (targetattr!="userPassword || aci")(version 3.0; acl "Enable anonymous access"; allow (read, search, compare) userdn="ldap:///anyone";)
+aci: (targetattr="carLicense || description || displayName || facsimileTelephoneNumber || homePhone || homePostalAddress || initials || jpegPhoto || labeledURI || mail || mobile || pager || photo || postOfficeBox || postalAddress || postalCode || preferredDeliveryMethod || preferredLanguage || registeredAddress || roomNumber || secretary || seeAlso || st || street || telephoneNumber || telexNumber || title || userCertificate || userPassword || userSMIMECertificate || x500UniqueIdentifier")(version 3.0; acl "Enable self write for common attributes"; allow (write) userdn="ldap:///self";)
+aci: (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allow (all) (groupdn = "ldap:///cn=Directory Administrators,o=isp");)
author	Frank Brehm <frank.brehm@pixelpark.com>
	Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)
committer	Frank Brehm <frank.brehm@pixelpark.com>
	Thu, 17 Jun 2021 14:11:41 +0000 (16:11 +0200)