Merge branch 'master' of git://source.jones.dk/local-COMMON

2 files changed, 12 insertions, 2 deletions

diff --git a/ldap/db/50_base.conf.in b/ldap/db/20_base.conf.in
index b7cd9ae..1d78c6a 100644
--- a/ldap/db/50_base.conf.in
+++ b/ldap/db/20_base.conf.in
@@ -4,7 +4,7 @@
 # admin entry below
 access to dn.subtree="ou=SAM,@SUFFIX@" attrs=userpassword,shadowLastChange
         by dn.exact="@ADMIN@" write
-	by dn.exact=”uid=cifsdc,ou=Entities,ou=Access Control,@SUFFIX@" write
+	by group="cn=SAM,ou=Administrators,ou=Access Control,@SUFFIX@" write
         by anonymous auth
         by self write
         by * none
diff --git a/ldap/mkldapdb b/ldap/mkldapdb
index 623a706..4e297c3 100755
--- a/ldap/mkldapdb
+++ b/ldap/mkldapdb
@@ -5,7 +5,7 @@ set -e
 umask 066
 
 # Resolve some defaults from other system config
-basedn="`grep '^BASE\b' /etc/ldap/ldap.conf | sed -e 's/^BASE[[:space:]]\+//'`"
+basedn="`grep '^BASE\b' /etc/ldap/ldap.conf | sed -e 's/^BASE[[:space:]]\+//' -e 's/,[[:space:]]\+/,/g'`"
 dnsdomain="`dnsdomainname`"
 orgname=""
 if [ -r /etc/local-ORG/orgname ]; then
@@ -73,3 +73,13 @@ cn: DSA
 description: Directory System Agent administrators
 uniqueMember: cn=cipux,ou=Entities,ou=Access Control,$basedn
 EOF
+ldapadd -x -h localhost -D "cn=admin,$basedn" -W <<EOF
+dn: cn=SAM,ou=Administrators,ou=Groups,ou=Access Control,$basedn
+objectClass: groupOfUniqueNames
+cn: SAM
+description: Samba and NSS services administrators
+uniqueMember: cn=horde,ou=Entities,ou=Access Control,$basedn
+EOF
+
+# TODO: Add "uid=cifsdc,ou=Entities,ou=Access Control,@SUFFIX@" to group
+#       "cn=SAM,ou=Administrators,ou=Access Control,@SUFFIX@" for samba