Issue #184: what are the minimum access acl's required for using bind dyndb ldap - bind-dyndb-ldap

bind-dyndb-ldap

#184 what are the minimum access acl's required for using bind dyndb ldap

Opened 4 years ago by f1outsourcing. Modified 4 years ago

You have somewhere documented what queries are executed on the ldap server. So we can simulate correct and full access with ldapsearch so we know the acls are not blocking some requests.

abbra commented 4 years ago

All design documents are available at https://docs.pagure.org/bind-dyndb-ldap/

Exact queries aren't available as they get constructed on the fly. This is especially true for generic DNs RR types support.

abbra commented 4 years ago

A default set of ACIs for DNS entries in FreeIPA is this: https://pagure.io/freeipa/blob/master/f/install/share/dns.ldif. Line 14 defines a general ACI that allows to update elements of a DNS record if the entry is managed by the updater, directly or via a group membership.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

rhbz

None

blockedby

None

blocking

None

fixedby

None

fixedin

None

proposedmilestone

None

type

None

component

None

version

None

keywords

None

bind-dyndb-ldap

Source Code

Documentation

#184 what are the minimum access acl's required for using bind dyndb ldap Opened 4 years ago by f1outsourcing. Modified 4 years ago

Close issue as:

Metadata

#184 what are the minimum access acl's required for using bind dyndb ldap

Opened 4 years ago by f1outsourcing. Modified 4 years ago