forked from Personal/ansible-deploy-ldap-fusiondirectory
22 lines
679 B
Plaintext
22 lines
679 B
Plaintext
|
dn: cn=manager,ou=aclroles,{{ base_dn }}
|
||
|
cn: manager
|
||
|
description: Give all rights on users in the given branch
|
||
|
objectClass: top
|
||
|
objectClass: gosaRole
|
||
|
gosaAclTemplate: 0:user/user;cmdrw,user/posixAccount;cmdrw
|
||
|
|
||
|
dn: cn=editowninfos,ou=aclroles,{{ base_dn }}
|
||
|
cn: editowninfos
|
||
|
description: Allow users to edit their own information (main tab and posix u
|
||
|
se only on base)
|
||
|
objectClass: top
|
||
|
objectClass: gosaRole
|
||
|
gosaAclTemplate: 0:user/user;srw,user/posixAccount;srw
|
||
|
|
||
|
dn: cn=editownpwd,ou=aclroles,{{ base_dn }}
|
||
|
cn: editownpwd
|
||
|
description: Allow users to edit their own password (use only on base)
|
||
|
objectClass: top
|
||
|
objectClass: gosaRole
|
||
|
gosaAclTemplate: 0:user/user;s#userPassword;rw
|