Commit eafcc405 authored by Ondřej Kuzník's avatar Ondřej Kuzník Committed by Quanah Gibson-Mount
Browse files

ITS#6830 Enable NO-USER-MODIFICATION on ppolicy attributes

parent 4d6b0180
......@@ -143,7 +143,9 @@ static struct schema_info {
"EQUALITY generalizedTimeMatch "
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
"SINGLE-VALUE "
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdChangedTime },
{ "( 1.3.6.1.4.1.42.2.27.8.1.17 "
"NAME ( 'pwdAccountLockedTime' ) "
......@@ -152,10 +154,7 @@ static struct schema_info {
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE "
#if 0
/* Not until Relax control is released */
"NO-USER-MODIFICATION "
#endif
"USAGE directoryOperation )",
&ad_pwdAccountLockedTime },
{ "( 1.3.6.1.4.1.42.2.27.8.1.19 "
......@@ -164,28 +163,32 @@ static struct schema_info {
"EQUALITY generalizedTimeMatch "
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"NO-USER-MODIFICATION USAGE directoryOperation )",
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdFailureTime },
{ "( 1.3.6.1.4.1.42.2.27.8.1.20 "
"NAME ( 'pwdHistory' ) "
"DESC 'The history of users passwords' "
"EQUALITY octetStringMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 "
"NO-USER-MODIFICATION USAGE directoryOperation )",
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdHistory },
{ "( 1.3.6.1.4.1.42.2.27.8.1.21 "
"NAME ( 'pwdGraceUseTime' ) "
"DESC 'The timestamps of the grace login once the password has expired' "
"EQUALITY generalizedTimeMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"NO-USER-MODIFICATION USAGE directoryOperation )",
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdGraceUseTime },
{ "( 1.3.6.1.4.1.42.2.27.8.1.22 "
"NAME ( 'pwdReset' ) "
"DESC 'The indication that the password has been reset' "
"EQUALITY booleanMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 "
"SINGLE-VALUE USAGE directoryOperation )",
"SINGLE-VALUE "
"USAGE directoryOperation )",
&ad_pwdReset },
{ "( 1.3.6.1.4.1.42.2.27.8.1.23 "
"NAME ( 'pwdPolicySubentry' ) "
......@@ -193,10 +196,7 @@ static struct schema_info {
"EQUALITY distinguishedNameMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 "
"SINGLE-VALUE "
#if 0
/* Not until Relax control is released */
"NO-USER-MODIFICATION "
#endif
"USAGE directoryOperation )",
&ad_pwdPolicySubentry },
{ "( 1.3.6.1.4.1.42.2.27.8.1.27 "
......@@ -205,7 +205,9 @@ static struct schema_info {
"EQUALITY generalizedTimeMatch "
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
"SINGLE-VALUE "
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdStartTime },
{ "( 1.3.6.1.4.1.42.2.27.8.1.28 "
"NAME ( 'pwdEndTime' ) "
......@@ -213,7 +215,9 @@ static struct schema_info {
"EQUALITY generalizedTimeMatch "
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
"SINGLE-VALUE "
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdEndTime },
/* Defined in schema_prep.c now
{ "( 1.3.6.1.4.1.42.2.27.8.1.29 "
......@@ -222,7 +226,9 @@ static struct schema_info {
"EQUALITY generalizedTimeMatch "
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
"SINGLE-VALUE "
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
&ad_pwdLastSuccess },
*/
{ "( 1.3.6.1.4.1.42.2.27.8.1.33 "
......@@ -232,10 +238,7 @@ static struct schema_info {
"ORDERING generalizedTimeOrderingMatch "
"SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
"SINGLE-VALUE "
#if 0
/* Not until Relax control is released */
"NO-USER-MODIFICATION "
#endif
"USAGE directoryOperation )",
&ad_pwdAccountTmpLockoutEnd },
......
......@@ -78,9 +78,8 @@ if test $RC = 0 ; then
fi
echo "Using ldapadd to populate the database..."
# may need "-e relax" for draft 09, but not yet.
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \
$LDIFPPOLICY >> $TESTOUT 2>&1
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD -e '!relax' \
< $LDIFPPOLICY >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment