Changeset View
Changeset View
Standalone View
Standalone View
docker/kolab/utils/17-remove-hosted-service-access-from-mgmt-domain.sh
#!/bin/bash | #!/bin/bash | ||||
. ./settings.sh | . ./settings.sh | ||||
( | ( | ||||
echo "dn: associateddomain=${domain},ou=Domains,${rootdn}" | echo "dn: associateddomain=${domain},ou=Domains,${rootdn}" | ||||
echo "changetype: modify" | echo "changetype: modify" | ||||
echo "replace: aci" | echo "replace: aci" | ||||
echo "aci: (targetattr = \"*\")(version 3.0;acl \"Deny Rest\";deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn} || ldap:///${rootdn}??sub?(objectclass=*)\");)" | echo "aci: (targetattr = \"*\")(version 3.0;acl \"Deny Rest\";deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn} || ldap:///${rootdn}??sub?(objectclass=*)\");)" | ||||
echo "aci: (targetattr = \"*\")(version 3.0;acl \"Deny Hosted Kolab\";deny (all)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)" | echo "aci: (targetattr = \"*\")(version 3.0;acl \"Deny Hosted Kolab\";deny (all)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)" | ||||
echo "" | echo "" | ||||
) | ldapmodify -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" | ) | ldapmodify -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" |