add memberof overlay,

fix init order for memberof overlay
This commit is contained in:
Arthur Lu 2024-03-28 23:22:25 +00:00
parent e3b173b280
commit 6dfca1aeeb
4 changed files with 21 additions and 8 deletions

0
cert.sh Normal file → Executable file
View File

0
init.sh Normal file → Executable file
View File

View File

@ -8,13 +8,7 @@ dn: ou=groups,$BASE_DN
objectClass: organizationalUnit
ou: groups
# admin group
dn: cn=admins,ou=groups,$BASE_DN
objectClass: groupOfNames
member: uid=$ADMIN_ID,ou=people,$BASE_DN
cn: admins
# paas user
# initial user
dn: uid=$ADMIN_ID,ou=people,$BASE_DN
objectClass: inetOrgPerson
mail: $ADMIN_EMAIL
@ -22,3 +16,9 @@ cn: $ADMIN_CN
sn: $ADMIN_SN
uid: $ADMIN_ID
userPassword: $ADMIN_PASSWD
# admin group
dn: cn=admins,ou=groups,$BASE_DN
objectClass: groupOfNames
member: uid=$ADMIN_ID,ou=people,$BASE_DN
cn: admins

View File

@ -1,9 +1,10 @@
# load pw-sha2 module
# load modules: pw-sha2, ppolicy, memberof
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: pw-sha2.la
olcModuleLoad: ppolicy.la
olcModuleLoad: memberof.la
# set default password hash to SSHA512
dn: olcDatabase={-1}frontend,cn=config
@ -21,3 +22,15 @@ olcPPolicyDefault: cn=password,ou=policies,$BASE_DN
olcPPolicyHashCleartext: TRUE
olcPPolicyUseLockout: FALSE
olcPPolicyForwardUpdates: FALSE
# add memberof policy
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf