Supprime la contrainte sur le format de displayName, ldapsaisie faisant ses mise à jour en série et non en bloc la contrainte n'est jamais remplie, bloquant toute modification du nom et du prénom
This commit is contained in:
parent
83f0f9456c
commit
721d13f9bf
|
@ -190,7 +190,6 @@ olcConstraintAttribute: cn count 1 restrict="ldap:///ou=people,$SUFFIX??sub?(obj
|
|||
olcConstraintAttribute: cn regex "^[-A-Za-z0-9 ]*$" restrict="ldap:///ou=groups,$SUFFIX??sub?(objectClass=*)"
|
||||
olcConstraintAttribute: cn regex "^[-A-Za-z0-9 ]*$" restrict="ldap:///$SUFFIX??base?(objectClass=*)"
|
||||
olcConstraintAttribute: dc regex "^[a-z0-9-]*$"
|
||||
olcConstraintAttribute: displayName,sn,givenName set "(this/givenName + [ ] + this/sn) & this/displayName" restrict="ldap:///ou=people,$SUFFIX??sub?(objectClass=*)"
|
||||
olcConstraintAttribute: eduOrgHomePageURI,eduOrgSuperiorURI,eduOrgWhitePagesURI regex "^https?://.*$"
|
||||
olcConstraintAttribute: eduPersonAffiliation regex "^(student|faculty|staff|employee|member|affiliate|alum|library-walk-in|researcher|retired|emeritus|teacher|registered-reader)$"
|
||||
olcConstraintAttribute: eduPersonPrincipalName regex "^.*@.*$"
|
||||
|
|
10
lib/resetacl
10
lib/resetacl
|
@ -9,12 +9,13 @@ else
|
|||
SUFFIX="$1"
|
||||
fi
|
||||
|
||||
DN=`ldapsearch -H ldapi:// -Y EXTERNAL -b cn=config "olcSuffix=$SUFFIX" "" 2>/dev/null | grep ^dn | head -n1`
|
||||
DN=`ldapsearch -H ldapi:// -Y EXTERNAL -b cn=config "olcSuffix=$SUFFIX" "" 2>/dev/null | grep ^dn | head -n1 | sed 's/^dn: //'`
|
||||
DN2=`ldapsearch -H ldapi:// -Y EXTERNAL -b $DN "objectClass=olcConstraintConfig" "" 2>/dev/null | grep ^dn | head -n1 | sed 's/^dn: //'`
|
||||
|
||||
if [ "x$DN" != "" ]; then
|
||||
LDIF=`tempfile`
|
||||
cat <<EOF >$LDIF
|
||||
$DN
|
||||
dn: $DN
|
||||
changetype: modify
|
||||
replace: olcAccess
|
||||
olcAccess: {0}to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by group.exact="cn=admin,ou=groups,$SUFFIX" manage by * break
|
||||
|
@ -29,6 +30,11 @@ olcAccess: {7}to * by users search
|
|||
replace: olcDbIndex
|
||||
olcDbIndex: objectClass,contextCSN,member,eduPersonPrincipalName,owner,supannRefId eq
|
||||
olcDbIndex: supannAliasLogin,mail,givenName,uid,cn,sn,supannMailPerso,displayName pres,eq,approx,sub
|
||||
|
||||
dn: $DN2
|
||||
changetype: modify
|
||||
delete: olcConstraintAttribute
|
||||
olcConstraintAttribute: displayName,sn,givenName set "(this/givenName + [ ] + this/sn) & this/displayName" restrict="ldap:///ou=people,$SUFFIX??sub?(objectClass=*)"
|
||||
EOF
|
||||
ldapmodify -H ldapi:// -Y EXTERNAL -f $LDIF 2>/dev/null >/dev/null
|
||||
rm $LDIF
|
||||
|
|
Reference in New Issue