Supprime la contrainte sur le format de displayName, ldapsaisie faisant ses mise à jour en série et non en bloc la contrainte n'est jamais remplie, bloquant toute modification du nom et du prénom

This commit is contained in:
Benjamin Dauvergne 2015-03-26 11:56:43 +01:00
parent 83f0f9456c
commit 721d13f9bf
2 changed files with 8 additions and 3 deletions

View File

@ -190,7 +190,6 @@ olcConstraintAttribute: cn count 1 restrict="ldap:///ou=people,$SUFFIX??sub?(obj
olcConstraintAttribute: cn regex "^[-A-Za-z0-9 ]*$" restrict="ldap:///ou=groups,$SUFFIX??sub?(objectClass=*)"
olcConstraintAttribute: cn regex "^[-A-Za-z0-9 ]*$" restrict="ldap:///$SUFFIX??base?(objectClass=*)"
olcConstraintAttribute: dc regex "^[a-z0-9-]*$"
olcConstraintAttribute: displayName,sn,givenName set "(this/givenName + [ ] + this/sn) & this/displayName" restrict="ldap:///ou=people,$SUFFIX??sub?(objectClass=*)"
olcConstraintAttribute: eduOrgHomePageURI,eduOrgSuperiorURI,eduOrgWhitePagesURI regex "^https?://.*$"
olcConstraintAttribute: eduPersonAffiliation regex "^(student|faculty|staff|employee|member|affiliate|alum|library-walk-in|researcher|retired|emeritus|teacher|registered-reader)$"
olcConstraintAttribute: eduPersonPrincipalName regex "^.*@.*$"

View File

@ -9,12 +9,13 @@ else
SUFFIX="$1"
fi
DN=`ldapsearch -H ldapi:// -Y EXTERNAL -b cn=config "olcSuffix=$SUFFIX" "" 2>/dev/null | grep ^dn | head -n1`
DN=`ldapsearch -H ldapi:// -Y EXTERNAL -b cn=config "olcSuffix=$SUFFIX" "" 2>/dev/null | grep ^dn | head -n1 | sed 's/^dn: //'`
DN2=`ldapsearch -H ldapi:// -Y EXTERNAL -b $DN "objectClass=olcConstraintConfig" "" 2>/dev/null | grep ^dn | head -n1 | sed 's/^dn: //'`
if [ "x$DN" != "" ]; then
LDIF=`tempfile`
cat <<EOF >$LDIF
$DN
dn: $DN
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by group.exact="cn=admin,ou=groups,$SUFFIX" manage by * break
@ -29,6 +30,11 @@ olcAccess: {7}to * by users search
replace: olcDbIndex
olcDbIndex: objectClass,contextCSN,member,eduPersonPrincipalName,owner,supannRefId eq
olcDbIndex: supannAliasLogin,mail,givenName,uid,cn,sn,supannMailPerso,displayName pres,eq,approx,sub
dn: $DN2
changetype: modify
delete: olcConstraintAttribute
olcConstraintAttribute: displayName,sn,givenName set "(this/givenName + [ ] + this/sn) & this/displayName" restrict="ldap:///ou=people,$SUFFIX??sub?(objectClass=*)"
EOF
ldapmodify -H ldapi:// -Y EXTERNAL -f $LDIF 2>/dev/null >/dev/null
rm $LDIF