base repository: internet2/InCommonTAP-Examples
base: main
head repository: internet2/InCommonTAP-Examples
compare: pc_November23
  • 1 commit
  • 4 files changed
  • 1 contributor

Commits on Apr 11, 2024

  1. add schemas to LDAP

    pcaskey committed Apr 11, 2024
    4c6ae21 View commit details
5 changes: 4 additions & 1 deletion Workbench/directory/Dockerfile
@@ -38,7 +38,10 @@ RUN useradd ldapadmin \
&& while ! curl -s ldap://localhost:389 > /dev/null; do echo waiting for ldap to start; sleep 1; done; \
ldapadd -H ldap:/// -f /seed-data/data.ldif -x -D "cn=Directory Manager" -w password \
&& ldapmodify -H ldap:/// -f /seed-data/incwbperson-obj.ldif -x -D "cn=Directory Manager" -w password \
&& ldapmodify -H ldap:/// -f /seed-data/edumember-obj.ldif -x -D "cn=Directory Manager" -w password
&& ldapmodify -H ldap:/// -f /seed-data/edumember-obj.ldif -x -D "cn=Directory Manager" -w password \
&& ldapmodify -H ldap:/// -f /seed-data/ldappublickey-obj.ldif -x -D "cn=Directory Manager" -w password \
&& ldapmodify -H ldap:/// -f /seed-data/voperson-obj.ldif -x -D "cn=Directory Manager" -w password \
&& ldapmodify -H ldap:/// -f /seed-data/voposixaccount-obj.ldif -x -D "cn=Directory Manager" -w password

EXPOSE 389 443
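Review bot: The three added `ldapmodify` calls repeat the literal bind password for `cn=Directory Manager` (`-w password`) inside the RUN instruction, so the credential is recorded in the image's build history, and the image then exposes 389 and 443. Whether a later entrypoint step changes that password is not visible here; if it does not, every container started from this image accepts the seed credential for the directory's most privileged account. For a workbench image I would at least state that next to the port declaration, for example `# Directory Manager keeps the seed password set at build time; demo use only, do not publish 389 outside the workbench network`. Outside the demo case, pass the password in as a build-time secret rather than a literal. The RUN instruction starts above the hunk, so the earlier uses of the same literal are not shown.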

@@ -0,0 +1,29 @@
#
# ldapPublicKey Objectclass
#
#
# ldapPublicKey attribute
#
dn: cn=schema
changetype: modify
#
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13
NAME 'sshPublicKey'
DESC 'MANDATORY: OpenSSH Public key'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
-
#
add: objectclasses
objectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0
NAME 'ldapPublicKey'
DESC 'MANDATORY: OpenSSH LPK objectclass'
SUP top
AUXILIARY
MUST ( sshPublicKey $ uid )
)
#
# end of LDIF
#
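Review bot: This commit adds credential-bearing attributes with no accompanying access control and no comment on how they must be protected: `sshPublicKey` in this file, and `voPersonApplicationPassword` and `voPersonToken` in voperson-obj.ldif. Where hosts read authorized keys from the directory, write access to `sshPublicKey` on an entry is equivalent to login as that `uid`. A server that hashes and hides `userPassword` by default will not necessarily treat a custom octet-string attribute the same way. The existing ACIs are not visible on this page, so this needs checking against the seed data. I would record the expectation in the header comment, for example `# sshPublicKey: write access must be limited by ACI to the entry owner or an admin group`, and add a matching line for the two voPerson attributes.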

113 changes: 113 additions & 0 deletions Workbench/directory/container_files/seed-data/voperson-obj.ldif
@@ -0,0 +1,113 @@
#
# voPerson Objectclass
#
#
# "voPerson" attributes
#
objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
objectIdentifier: voPersonObjectClass voPersonRoot:1
dn: cn=schema
changetype: modify
#
add: attributetypes
attributeTypes: ( voPersonObjectClass:10
NAME 'voPersonAffiliation'
DESC 'voPerson Affiliation Within Local Scope'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:13
NAME 'voPersonApplicationPassword'
DESC 'voPerson Application-Specific Password'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
attributeTypes: ( voPersonObjectClass:1
NAME 'voPersonApplicationUID'
DESC 'voPerson Application-Specific User Identifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:2
NAME 'voPersonAuthorName'
DESC 'voPerson Author Name'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:3
NAME 'voPersonCertificateDN'
DESC 'voPerson Certificate Distinguished Name'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( voPersonObjectClass:4
NAME 'voPersonCertificateIssuerDN'
DESC 'voPerson Certificate Issuer DN'
EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
attributeTypes: ( voPersonObjectClass:11
NAME 'voPersonExternalAffiliation'
DESC 'voPerson Scoped External Affiliation'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:5
NAME 'voPersonExternalID'
DESC 'voPerson Scoped External Identifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:6
NAME 'voPersonID'
DESC 'voPerson Unique Identifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:7
NAME 'voPersonPolicyAgreement'
DESC 'voPerson Policy Agreement Indicator'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:12
NAME 'voPersonScopedAffiliation'
DESC 'voPerson Affiliation With Explicit Local Scope'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:8
NAME 'voPersonSoRID'
DESC 'voPerson External Identifier'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:9
NAME 'voPersonStatus'
DESC 'voPerson Status'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:15
NAME 'voPersonToken'
DESC 'voPerson Token'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPersonObjectClass:14
NAME 'voPersonVerifiedEmail'
DESC 'voPerson Verified Email Address'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-
#
add: objectclasses
objectClasses: ( voPersonObjectClass
NAME 'voPerson'
AUXILIARY
MAY ( voPersonAffiliation $
voPersonApplicationPassword $
voPersonApplicationUID $
voPersonAuthorName $
voPersonCertificateDN $
voPersonCertificateIssuerDN $
voPersonExternalAffiliation $
voPersonExternalID $
voPersonID $
voPersonPolicyAgreement $
voPersonScopedAffiliation $
voPersonSoRID $
voPersonStatus $
voPersonToken $
voPersonVerifiedEmail )
)
#
# end of LDIF
#
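Review bot: The two `objectIdentifier:` lines ahead of `dn: cn=schema` are OpenLDAP configuration macros, not LDIF, so `ldapmodify -f` will most likely reject the file before it reaches the first record. Even if the file parsed, OIDs written as `voPersonObjectClass:10` only work when the server resolves those macros. The `cn=Directory Manager` bind DN in the Dockerfile suggests a 389-family server, which as far as I know expects numeric OIDs in `cn=schema` updates; please confirm with an image build. If it fails, drop the macro lines and spell the OIDs out from the root given here, for example `attributeTypes: ( 1.3.6.1.4.1.25178.4.1.10` for voPersonAffiliation and `objectClasses: ( 1.3.6.1.4.1.25178.4.1` for voPerson. voposixaccount-obj.ldif has the same preamble, with `voPersonRoot:2` and `voPersonRoot:3`, and needs the same change.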

@@ -0,0 +1,63 @@
#
# voPosixAccount Objectclass
#
#
# "voPosixAccount" attributes
#
objectIdentifier: voPersonRoot 1.3.6.1.4.1.25178.4
objectIdentifier: voPosixAccountObjectClass voPersonRoot:2
objectIdentifier: voPosixGroupObjectClass voPersonRoot:3
dn: cn=schema
changetype: modify
#
add: attributetypes
attributeTypes: ( voPosixAccountObjectClass:1
NAME 'voPosixAccountGecos'
DESC 'voPerson domain specific GECOS field'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPosixAccountObjectClass:2
NAME 'voPosixAccountGidNumber'
DESC 'voPerson domain specific primary group identifier'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
attributeTypes: ( voPosixAccountObjectClass:3
NAME 'voPosixAccountHomeDirectory'
DESC 'voPerson domain specific absolute path to the home directory'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPosixAccountObjectClass:4
NAME 'voPosixAccountLoginShell'
DESC 'voPerson domain specific path to the login shell'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeTypes: ( voPosixAccountObjectClass:5
NAME 'voPosixAccountUidNumber'
DESC 'voPerson domain specific unique user identifier'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
-
#
add: objectclasses
objectClasses: ( voPosixAccountObjectClass
NAME 'voPosixAccount'
AUXILIARY
MUST ( cn $
uid $
voPosixAccountUidNumber $
voPosixAccountGidNumber $
voPosixAccountHomeDirectory )
MAY ( voPosixAccountLoginShell $
voPosixAccountGecos )
)
objectClasses: ( voPosixGroupObjectClass
NAME 'voPosixGroup'
AUXILIARY
MUST ( cn $ voPosixAccountGidNumber )
MAY ( memberUid )
)
#
# end of LDIF
#