On Mon, Apr 23, 2012 at 05:03:28PM +0200, Jan Cholasta wrote:
> On 16.4.2012 22:39, Nalin Dahyabhai wrote:
> >This bit of configuration creates a cn=computers area under cn=compat
> >which we populate with ieee802Device entries corresponding to any
> >ipaHost entries which have both fqdn and macAddress values.
> 
> Please add this to install/updates/10-schema_compat.update as well.

Okay, I think a simple copy is enough, but am not yet sufficiently
familiar with the install/{share,update} stuff to be completely sure.

Nalin
From 9cfbef42a0efa8898caf3454c07b729f58f526ba Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <na...@dahyabhai.net>
Date: Mon, 16 Apr 2012 15:31:12 -0400
Subject: [PATCH 2/3] - create a "cn=computers" compat area populated with
 ieee802Device entries corresponding to computers with
 fqdn and macAddress attributes

---
 install/share/schema_compat.uldif       |   14 ++++++++++++++
 install/updates/10-schema_compat.update |   15 +++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/install/share/schema_compat.uldif 
b/install/share/schema_compat.uldif
index f042edf..38bf678 100644
--- a/install/share/schema_compat.uldif
+++ b/install/share/schema_compat.uldif
@@ -92,6 +92,20 @@ add:schema-compat-entry-attribute: 
'sudoRunAsGroup=%{ipaSudoRunAsExtGroup}'
 add:schema-compat-entry-attribute: 'sudoRunAsGroup=%deref("ipaSudoRunAs","cn")'
 add:schema-compat-entry-attribute: 'sudoOption=%{ipaSudoOpt}'
 
+dn: cn=computers, cn=Schema Compatibility, cn=plugins, cn=config
+default:objectClass: top
+default:objectClass: extensibleObject
+default:cn: computers
+default:schema-compat-container-group: cn=compat, $SUFFIX
+default:schema-compat-container-rdn: cn=computers
+default:schema-compat-search-base: cn=computers, cn=accounts, $SUFFIX
+default:schema-compat-search-filter: 
(&(macAddress=*)(fqdn=*)(objectClass=ipaHost))
+default:schema-compat-entry-rdn: 'cn=%first("%{fqdn}")'
+default:schema-compat-entry-attribute: objectclass=device
+default:schema-compat-entry-attribute: objectclass=ieee802Device
+default:schema-compat-entry-attribute: cn=%{fqdn}
+default:schema-compat-entry-attribute: macAddress=%{macAddress}
+
 # Enable anonymous VLV browsing for Solaris
 dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
 only:aci: '(targetattr !="aci")(version 3.0; acl "VLV Request Control"; allow 
(read, search, compare, proxy) userdn = "ldap:///anyone";; )'
diff --git a/install/updates/10-schema_compat.update 
b/install/updates/10-schema_compat.update
index 8ef1424..46a94c3 100644
--- a/install/updates/10-schema_compat.update
+++ b/install/updates/10-schema_compat.update
@@ -4,3 +4,18 @@ replace: 
schema-compat-entry-attribute:'sudoRunAsGroup=%deref("ipaSudoRunAs","cn
 # as the original, '' or -.
 dn: cn=ng,cn=Schema Compatibility,cn=plugins,cn=config
 replace: 
schema-compat-entry-attribute:'nisNetgroupTriple=(%link("%ifeq(\"hostCategory\",\"all\",\"\",\"%collect(\\\"%{externalHost}\\\",\\\"%deref(\\\\\\\"memberHost\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberHost\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\")\")","-",",","%ifeq(\"userCategory\",\"all\",\"\",\"%collect(\\\"%deref(\\\\\\\"memberUser\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberUser\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\")\")","-"),%{nisDomainName:-})::nisNetgroupTriple=(%link("%ifeq(\"hostCategory\",\"all\",\"\",\"%collect(\\\"%{externalHost}\\\",\\\"%deref(\\\\\\\"memberHost\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberHost\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"fqdn\\\\\\\")\\\")\")","%ifeq(\"hostCategory\",\"all\",\"\",\"-\")",",","%ifeq(\"userCategory\",\"all\",\"\",\"%collect(\\\"%deref(\\\\\\\"memberUser\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\",\\\"%deref_r(\\\\\\\"memberUser\\\\\\\",\\\\\\\"member\\\\\\\",\\\\\\\"uid\\\\\\\")\\\")\")","%ifeq(\"userCategory\",\"all\",\"\",\"-\")"),%{nisDomainName:-})'
+
+dn: cn=computers, cn=Schema Compatibility, cn=plugins, cn=config
+default:objectClass: top
+default:objectClass: extensibleObject
+default:cn: computers
+default:schema-compat-container-group: cn=compat, $SUFFIX
+default:schema-compat-container-rdn: cn=computers
+default:schema-compat-search-base: cn=computers, cn=accounts, $SUFFIX
+default:schema-compat-search-filter: 
(&(macAddress=*)(fqdn=*)(objectClass=ipaHost))
+default:schema-compat-entry-rdn: 'cn=%first("%{fqdn}")'
+default:schema-compat-entry-attribute: objectclass=device
+default:schema-compat-entry-attribute: objectclass=ieee802Device
+default:schema-compat-entry-attribute: cn=%{fqdn}
+default:schema-compat-entry-attribute: macAddress=%{macAddress}
+
-- 
1.7.10

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to