/[adm]/puppet/modules/openldap
ViewVC logotype

Log of /puppet/modules/openldap

View Directory Listing Directory Listing


Sticky Revision:

Revision 3255 - Directory Listing
Modified Wed Jun 19 19:20:02 2013 UTC (6 years ago) by boklm
More mga-common mga_common remaning

Revision 3254 - Directory Listing
Modified Wed Jun 19 19:15:59 2013 UTC (6 years ago) by boklm
Rename mga-common module to mga_common.

New puppet version doesn't like modules with a - in their name.

Revision 3050 - Directory Listing
Modified Thu Apr 18 12:26:30 2013 UTC (6 years, 2 months ago) by boklm
openldap: allow setting drink (favoriteDrink) attribute

Revision 2908 - Directory Listing
Modified Mon Dec 10 19:19:50 2012 UTC (6 years, 7 months ago) by boklm
Local_script -> Mga-common::Local_script

Revision 2904 - Directory Listing
Modified Mon Dec 10 18:41:24 2012 UTC (6 years, 7 months ago) by boklm
openldap: use mga-common::local_script

Revision 2603 - Directory Listing
Modified Mon Mar 19 14:09:36 2012 UTC (7 years, 3 months ago) by misc
rename common to init.pp, and split off slave in a separate file
simplify the inheritence tree, since puppet-lint complain

Revision 2602 - Directory Listing
Modified Mon Mar 19 14:09:34 2012 UTC (7 years, 3 months ago) by misc
split master of the main file

Revision 2601 - Directory Listing
Modified Mon Mar 19 14:09:31 2012 UTC (7 years, 3 months ago) by misc
split most class and define from main openldap init.pp file

Revision 2401 - Directory Listing
Modified Sun Feb 12 12:07:03 2012 UTC (7 years, 5 months ago) by misc
fix regexp for matching dsa key ( since it would have been too logical to call that dsa key and use ssh-dsa.. )

Revision 2328 - Directory Listing
Modified Sun Jan 22 23:06:16 2012 UTC (7 years, 5 months ago) by misc
do not join directly in the function, some consumers of the information requires specific changes

Revision 2327 - Directory Listing
Modified Sun Jan 22 22:53:46 2012 UTC (7 years, 5 months ago) by misc
add the function get_ldap_servers to get all ldap servers ( and
so to automatically add any slave we add later )

Revision 2324 - Directory Listing
Modified Sun Jan 22 17:05:51 2012 UTC (7 years, 5 months ago) by misc
add more group for bootstrapping

Revision 2323 - Directory Listing
Modified Sun Jan 22 16:50:20 2012 UTC (7 years, 5 months ago) by misc
also fill the ldap with server object

Revision 2322 - Directory Listing
Modified Sun Jan 22 16:50:19 2012 UTC (7 years, 5 months ago) by misc
also create Hosts ou

Revision 2321 - Directory Listing
Modified Sun Jan 22 16:50:17 2012 UTC (7 years, 5 months ago) by misc
fix needed rpm for the script

Revision 2320 - Directory Listing
Modified Sun Jan 22 16:30:24 2012 UTC (7 years, 5 months ago) by misc
fix typo

Revision 2318 - Directory Listing
Modified Sun Jan 22 16:25:59 2012 UTC (7 years, 5 months ago) by misc
refactor the declaration of group with a for loop

Revision 2317 - Directory Listing
Modified Sun Jan 22 16:17:47 2012 UTC (7 years, 5 months ago) by misc
fix typo

Revision 2316 - Directory Listing
Modified Sun Jan 22 16:15:58 2012 UTC (7 years, 5 months ago) by misc
automatically fill the ldap on test vm ( denoted by the environment variable
set to test )

Revision 2314 - Directory Listing
Modified Sat Jan 21 23:25:53 2012 UTC (7 years, 5 months ago) by misc
fix the configuration change from commit  2311

Revision 2313 - Directory Listing
Modified Sat Jan 21 23:25:51 2012 UTC (7 years, 5 months ago) by misc
do a config check before restarting openldap

Revision 2312 - Directory Listing
Modified Sat Jan 21 23:10:17 2012 UTC (7 years, 5 months ago) by misc
comment last commit, do not work as expected

Revision 2311 - Directory Listing
Modified Sat Jan 21 22:09:35 2012 UTC (7 years, 5 months ago) by misc
force some constraint on ssh key in ldap, since several packagers did not
correctly put their keys today

Revision 2291 - Directory Listing
Modified Mon Jan 16 15:25:14 2012 UTC (7 years, 5 months ago) by misc
small cleanup of openldap module service

Revision 2235 - Directory Listing
Modified Sun Jan 8 23:34:21 2012 UTC (7 years, 6 months ago) by misc
refactor the configuration of openldap

Revision 2011 - Directory Listing
Modified Mon Sep 19 10:43:37 2011 UTC (7 years, 9 months ago) by misc
fix ordering issues

Revision 1951 - Directory Listing
Modified Wed Aug 17 16:41:25 2011 UTC (7 years, 10 months ago) by misc
fix last commit, use the proper syntax for ressource inheritance

Revision 1949 - Directory Listing
Modified Wed Aug 17 16:41:19 2011 UTC (7 years, 10 months ago) by misc
fix inheritance ( worked by chance before )

Revision 1948 - Directory Listing
Modified Wed Aug 17 16:41:16 2011 UTC (7 years, 10 months ago) by misc
fix ordering

Revision 1670 - Directory Listing
Modified Sun May 29 12:58:31 2011 UTC (8 years, 1 month ago) by misc
fix again wrong quotes


Revision 1669 - Directory Listing
Modified Sun May 29 12:55:02 2011 UTC (8 years, 1 month ago) by misc
fix typo due to my old packager habits of using requires instead of require


Revision 1668 - Directory Listing
Modified Sun May 29 12:51:26 2011 UTC (8 years, 1 month ago) by misc
workaround problem on 2010.0 , where kolab schema conflict with
another one we use

Revision 1667 - Directory Listing
Modified Sun May 29 12:51:25 2011 UTC (8 years, 1 month ago) by misc
add explicit requires to the cert so we do not try to start without it

Revision 1666 - Directory Listing
Modified Sun May 29 12:51:23 2011 UTC (8 years, 1 month ago) by misc
add explicit inheritance with common, as it seems to not
work as I believe for this case ( do not have time to figure more toroughly )

Revision 1664 - Directory Listing
Modified Sun May 29 12:09:39 2011 UTC (8 years, 1 month ago) by misc
fix user used for synchronisation

Revision 1663 - Directory Listing
Modified Sun May 29 12:09:37 2011 UTC (8 years, 1 month ago) by misc
fix syntax errors

Revision 1662 - Directory Listing
Modified Sun May 29 12:09:35 2011 UTC (8 years, 1 month ago) by misc
fix the path of the ssl certificate

Revision 1661 - Directory Listing
Modified Sun May 29 12:09:34 2011 UTC (8 years, 1 month ago) by misc
fix wrong variable ( s/dc_domain/dc_suffix/ )

Revision 1660 - Directory Listing
Modified Sun May 29 12:09:32 2011 UTC (8 years, 1 month ago) by misc
add a slave class to create a 2nd ldap

Revision 1659 - Directory Listing
Modified Sun May 29 12:09:31 2011 UTC (8 years, 1 month ago) by misc
move the monitor db at the beggining of the file, so we can
add syncrepl config to the end of the db

Revision 1658 - Directory Listing
Modified Sun May 29 12:09:28 2011 UTC (8 years, 1 month ago) by misc
split the configuration for the test database in another file ( to prepare for slave server )

Revision 1563 - Directory Listing
Modified Thu Apr 21 19:23:14 2011 UTC (8 years, 2 months ago) by misc
- deploy dynlist overlay, so we can create dynamic group ( needed for i18n svn access ) 


Revision 1144 - Directory Listing
Modified Sun Feb 20 14:49:26 2011 UTC (8 years, 4 months ago) by buchan
Give group owner access (read - including search - and write) to owner attribute


Revision 1143 - Directory Listing
Modified Sun Feb 20 14:37:11 2011 UTC (8 years, 4 months ago) by buchan
Index owner attribute


Revision 1139 - Directory Listing
Modified Sat Feb 19 13:24:20 2011 UTC (8 years, 4 months ago) by misc
- add right to users to do a CMP against group member,
as the django plugin to auth against ldap ( used by transifex ) use this
to determine group membership and fail if the access is not sufficient

Revision 1096 - Directory Listing
Modified Wed Feb 16 12:57:54 2011 UTC (8 years, 4 months ago) by buchan
Let users modify their names


Revision 884 - Directory Listing
Modified Sun Jan 23 22:02:11 2011 UTC (8 years, 5 months ago) by misc
add a secondary ldap tree for testing purpose, requested by maat

Revision 877 - Directory Listing
Modified Sat Jan 22 09:48:10 2011 UTC (8 years, 5 months ago) by buchan
Change ACL for non-privileged users to not work on reset model, instead allow
registrars to change unprivileged passwords directly


Revision 669 - Directory Listing
Modified Thu Jan 6 01:33:41 2011 UTC (8 years, 6 months ago) by misc
- rename base class, more consistent

Revision 642 - Directory Listing
Modified Fri Dec 17 00:50:53 2010 UTC (8 years, 7 months ago) by misc
ensure that email are unique at ldap level

Revision 634 - Directory Listing
Modified Thu Dec 16 12:49:49 2010 UTC (8 years, 7 months ago) by misc
- do not let user change their own memberOf attribute, ( even if the overlay may prevent it )


Revision 605 - Directory Listing
Modified Tue Dec 14 18:29:41 2010 UTC (8 years, 7 months ago) by misc
let users see who is in another group ( needed for sympa )

Revision 575 - Directory Listing
Modified Fri Dec 10 20:17:41 2010 UTC (8 years, 7 months ago) by misc
allow users to read memberof, and use overlay to keep the changes in sync

Revision 486 - Directory Listing
Modified Tue Nov 30 19:21:46 2010 UTC (8 years, 7 months ago) by misc
since the domain name is not added automatically by openssl module, add
it here

Revision 420 - Directory Listing
Modified Tue Nov 23 13:29:44 2010 UTC (8 years, 7 months ago) by buchan
Allow users to write their own sshPublicKey, and all users to read it


Revision 392 - Directory Listing
Modified Mon Nov 22 13:20:26 2010 UTC (8 years, 7 months ago) by buchan
Fix host access to posixAccount attrs


Revision 376 - Directory Listing
Modified Mon Nov 22 02:04:03 2010 UTC (8 years, 7 months ago) by misc
- add proper access to nss_ldap user so pam_ldap auth can work

Revision 375 - Directory Listing
Modified Mon Nov 22 02:04:02 2010 UTC (8 years, 7 months ago) by misc
- do not hardcode mageia.org in acl

Revision 347 - Directory Listing
Modified Sun Nov 21 17:22:33 2010 UTC (8 years, 7 months ago) by misc
- use new class for openssl certs

Revision 344 - Directory Listing
Modified Sun Nov 21 16:45:39 2010 UTC (8 years, 7 months ago) by misc
- create a self signed certificate if not present ( for test vm )

Revision 340 - Directory Listing
Modified Sat Nov 20 11:52:54 2010 UTC (8 years, 7 months ago) by misc
- do not let file with passwords to be world readable 
    ( even if being readable by apache is not good either, but needed as the password is used by apache )
- use ldaps for sympa
- use the 2 new facter macro and remove the version copied everywhere
- remove hardcoded domain in bugzilla and others


Revision 212 - Directory Listing
Modified Tue Nov 9 14:25:10 2010 UTC (8 years, 8 months ago) by buchan
Close more anon access, and open up read access to some inetOrgPerson attrs to users


Revision 211 - Directory Listing
Modified Tue Nov 9 02:21:57 2010 UTC (8 years, 8 months ago) by misc
- replace hardcoded domain by a variable, to ease reuse of the module 


Revision 144 - Directory Listing
Modified Fri Nov 5 14:27:41 2010 UTC (8 years, 8 months ago) by buchan
Allow a bit more access to groups


Revision 142 - Directory Listing
Modified Fri Nov 5 13:03:26 2010 UTC (8 years, 8 months ago) by buchan
Try and allow users to identify the groups another user is in


Revision 141 - Directory Listing
Modified Fri Nov 5 12:41:38 2010 UTC (8 years, 8 months ago) by buchan
Give registrar group read access to some attributes again, and reduce users access
 added in previous commit


Revision 140 - Directory Listing
Modified Fri Nov 5 12:38:44 2010 UTC (8 years, 8 months ago) by buchan
Open read access for users to contact-type details for now


Revision 137 - Directory Listing
Modified Fri Nov 5 12:30:14 2010 UTC (8 years, 8 months ago) by buchan
Catdap needs some search access as well
Also allow catdap to write preferredLanguage


Revision 134 - Directory Listing
Modified Fri Nov 5 12:19:23 2010 UTC (8 years, 8 months ago) by buchan
Finalise registration ACLs
Restrict anonymous access (to none)
Add some additional ACLs to put back some access that previously relied on anonymous
Listen on all IP addresses, and ldapi
Assign localSSF matching ssf requirement, so we allow ldapi,ldaps,ldap+start_tls



Revision 82 - Directory Listing
Modified Thu Nov 4 12:06:15 2010 UTC (8 years, 8 months ago) by buchan
ACLs:
  Add ACLs required for self-registration application to registrar system group
  Allow Account admins to unlock accounts (write to pwdAccountLockedTime)
  Allow users to update their email address and preferredLanguage
Schema:
  Switch to rfc2307bis (replacing nis.schema and autofs.schema)
  Add LPK


Revision 63 - Directory Listing
Modified Fri Oct 29 01:05:58 2010 UTC (8 years, 8 months ago) by misc
- add ldap config file, with ldap restricted to localhost (until we set a firewall or stricter acl)


Revision 62 - Directory Listing
Modified Fri Oct 29 00:40:37 2010 UTC (8 years, 8 months ago) by misc
- fix the config file so it work on x86_64 and x86

Revision 54 - Directory Listing
Modified Thu Oct 28 23:27:31 2010 UTC (8 years, 8 months ago) by misc
-fix templates naming

Revision 53 - Directory Listing
Added Thu Oct 28 22:55:56 2010 UTC (8 years, 8 months ago) by misc
- deploy ldap with puppet on valstar


  ViewVC Help
Powered by ViewVC 1.1.26