providers/ipa/ipa_opts.c

676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina/*
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SSSD
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    Authors:
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina        Stephen Gallagher <sgallagh@redhat.com>
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    Copyright (C) 2012 Red Hat
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    This program is free software; you can redistribute it and/or modify
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    it under the terms of the GNU General Public License as published by
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    the Free Software Foundation; either version 3 of the License, or
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    (at your option) any later version.
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    This program is distributed in the hope that it will be useful,
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    but WITHOUT ANY WARRANTY; without even the implied warranty of
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    GNU General Public License for more details.
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    You should have received a copy of the GNU General Public License
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    along with this program.  If not, see <http://www.gnu.org/licenses/>.
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina*/
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "src/providers/data_provider.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "db/sysdb.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "db/sysdb_sudo.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "db/sysdb_autofs.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "db/sysdb_services.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "db/sysdb_selinux.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina#include "providers/ldap/ldap_common.h"
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct dp_option ipa_basic_opts[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hostname", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hbac_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_subdomains_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_master_domain_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hbac_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hbac_support_srchost", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_automount_location", DP_OPT_STRING, { "default" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_ranges_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_enable_dns_sites", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_server_mode", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_views_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_confd_path", DP_OPT_STRING, { KRB5_MAPPING_DIR }, NULL_STRING },
f982039c75ec064894deb676ae53ee57de868590Fabiano Fidêncio    { "ipa_deskprofile_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
f982039c75ec064894deb676ae53ee57de868590Fabiano Fidêncio    { "ipa_deskprofile_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
4a311702045b065a97a0c0fc0ccc7a1fc84b38cfFabiano Fidêncio    { "ipa_deskprofile_request_interval", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    DP_OPTION_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct dp_option ipa_dyndns_opts[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_update", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_refresh_interval", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_iface", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_ttl", DP_OPT_NUMBER, { .number = 1200 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_update_ptr", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_force_tcp", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_auth", DP_OPT_STRING, { "gss-tsig" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "dyndns_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    DP_OPTION_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct dp_option ipa_def_ldap_opts[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_extra_attrs", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_search_scope", DP_OPT_STRING, { "sub" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_search_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
60a715a0dd79873d2d2607eab8fdfaf0ffd2e7d3Hristo Venev    { "ldap_host_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_full_refresh_interval", DP_OPT_NUMBER, { .number = 21600 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_smart_refresh_interval", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER }, /* 15 mins */
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_use_host_filter", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_hostnames", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_ip", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_include_netgroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sudo_include_regexp", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_map_master_name", DP_OPT_STRING, { "auto.master" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_schema", DP_OPT_STRING, { "ipa_v1" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_offline_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_force_upper_case_realm", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_enumeration_refresh_timeout", DP_OPT_NUMBER, { .number = 300 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_purge_cache_timeout", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_cacert", DP_OPT_STRING, { "/etc/ipa/ca.crt" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_cacertdir", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_cert", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_id_mapping", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sasl_mech", DP_OPT_STRING, { "GSSAPI" } , NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sasl_minssf", DP_OPT_NUMBER, { .number = 56 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_krb5_keytab", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_krb5_init_creds", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    /* use the same parm name as the krb5 module so we set it only once */
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_pwd_policy", DP_OPT_STRING, { "none" } , NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_krb5_ticket_lifetime", DP_OPT_NUMBER, { .number = (24 * 60 * 60) }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_netgroup_search_base", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_nesting_level", DP_OPT_NUMBER, { .number = 2 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_deref", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_account_expire_policy", DP_OPT_STRING, { "ipa" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_access_order", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_chpass_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_chpass_backup_uri", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_chpass_dns_service_name", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_chpass_update_last_change", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_enumeration_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    /* Do not include ldap_auth_disable_tls_never_use_in_production in the
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina     * manpages or SSSDConfig API
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina     */
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_auth_disable_tls_never_use_in_production", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_page_size", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_deref_threshold", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_sasl_canonicalize", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_connection_expire_timeout", DP_OPT_NUMBER, { .number = 900 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_disable_paging", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_range_min", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_range_max", DP_OPT_NUMBER, { .number = 2000200000LL }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_range_size", DP_OPT_NUMBER, { .number = 200000 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_autorid_compat", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_default_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_idmap_default_domain_sid", DP_OPT_STRING, NULL_STRING, NULL_STRING },
8babbeee01e67893af4828ddfc922ecac0be4197Pavel Reichl    { "ldap_idmap_helper_table_size", DP_OPT_NUMBER, { .number = 10 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_groups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_initgroups_use_matching_rule_in_chain", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_use_tokengroups", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_rfc2307_fallback_to_local_users", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_disable_range_retrieval", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    DP_OPTION_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_attr_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_entry_usn", "entryUSN", SYSDB_USN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_rootdse_last_usn", "lastUSN", SYSDB_HIGH_USN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_user_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_object_class", "posixAccount", SYSDB_USER_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_name", "uid", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_pwd", "userPassword", SYSDB_PWD, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_entry_usn", NULL, SYSDB_USN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_last_change", "shadowLastChange", SYSDB_SHADOWPW_LASTCHANGE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_min", "shadowMin", SYSDB_SHADOWPW_MIN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_max", "shadowMax", SYSDB_SHADOWPW_MAX, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_warning", "shadowWarning", SYSDB_SHADOWPW_WARNING, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_inactive", "shadowInactive", SYSDB_SHADOWPW_INACTIVE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_expire", "shadowExpire", SYSDB_SHADOWPW_EXPIRE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shadow_flag", "shadowFlag", SYSDB_SHADOWPW_FLAG, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_krb_last_pwd_change", "krbLastPwdChange", SYSDB_KRBPW_LASTCHANGE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_krb_password_expiration", "krbPasswordExpiration", SYSDB_KRBPW_EXPIRATION, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_pwd_attribute", "pwdAttribute", SYSDB_PWD_ATTRIBUTE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_authorized_service", "authorizedService", SYSDB_AUTHORIZED_SERVICE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_ad_account_expires", "accountExpires", SYSDB_AD_ACCOUNT_EXPIRES, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_ad_user_account_control", "userAccountControl", SYSDB_AD_USER_ACCOUNT_CONTROL, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_ns_account_lock", "nsAccountLock", SYSDB_NS_ACCOUNT_LOCK, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_authorized_host", "host", SYSDB_AUTHORIZED_HOST, NULL },
f34a8330c1615511795847b0a1454249d782db2aAlexey Kamenskiy    { "ldap_user_authorized_rhost", NULL, SYSDB_AUTHORIZED_RHOST, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_nds_login_disabled", "loginDisabled", SYSDB_NDS_LOGIN_DISABLED, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_nds_login_expiration_time", "loginExpirationTime", SYSDB_NDS_LOGIN_EXPIRATION_TIME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_nds_login_allowed_time_map", "loginAllowedTimeMap", SYSDB_NDS_LOGIN_ALLOWED_TIME_MAP, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_auth_type", "ipaUserAuthType", SYSDB_AUTH_TYPE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL },
83a796ec8de4bde65b11cc8032675406950641faSumit Bose    { "ldap_user_email", "mail", SYSDB_USER_EMAIL, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_group_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_object_class", "ipaUserGroup", SYSDB_GROUP_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_object_class_alt", "posixGroup", SYSDB_GROUP_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_name", "cn", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_member", "member", SYSDB_MEMBER, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL },
3cf7fdfcaedb986f42a6640e26aa057007b64045Jakub Hrozek    { "ldap_group_external_member", "ipaExternalMember", SYSDB_EXTERNAL_MEMBER, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_netgroup_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_object_class", "ipaNisNetgroup", SYSDB_NETGROUP_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_name", "cn", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_member", "member", SYSDB_ORIG_NETGROUP_MEMBER, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_member_user", "memberUser", SYSDB_ORIG_MEMBER_USER, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_member_host", "memberHost", SYSDB_ORIG_MEMBER_HOST, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_member_ext_host", "externalHost", SYSDB_ORIG_NETGROUP_EXTERNAL_HOST, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_domain", "nisDomainName", SYSDB_NETGROUP_DOMAIN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_netgroup_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_host_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_object_class", "ipaHost", SYSDB_HOST_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_name", "cn", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_fqdn", "fqdn", SYSDB_FQDN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_serverhostname", "serverHostname", SYSDB_SERVERHOSTNAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_member_of", "memberOf", SYSDB_ORIG_MEMBEROF, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_host_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_hostgroup_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hostgroup_objectclass", "ipaHostgroup", SYSDB_HOSTGROUP_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hostgroup_name", "cn", SYSDB_NAME, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hostgroup_memberof", "memberOf", SYSDB_ORIG_MEMBEROF, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_hostgroup_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_selinux_user_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_object_class", "ipaselinuxusermap", SYSDB_SELINUX_USERMAP_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_name", "cn", SYSDB_NAME, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_member_user", "memberUser", SYSDB_ORIG_MEMBER_USER, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_member_host", "memberHost", SYSDB_ORIG_MEMBER_HOST, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_see_also", "seeAlso", SYSDB_SELINUX_SEEALSO, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_selinux_user", "ipaSELinuxUser", SYSDB_SELINUX_USER, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_enabled", "ipaEnabledFlag", SYSDB_SELINUX_ENABLED, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_user_category", "userCategory", SYSDB_USER_CATEGORY, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_host_category", "hostCategory", SYSDB_HOST_CATEGORY, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_selinux_usermap_uuid", "ipaUniqueID", SYSDB_UUID, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_view_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_view_class", "nsContainer", SYSDB_VIEW_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_view_name", "cn", SYSDB_VIEW_NAME, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_override_map[] = {
352f4832324839d358235de1236090b1fd4ddc0fRené Genz    { "ipa_override_object_class", "ipaOverrideAnchor", SYSDB_OVERRIDE_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_anchor_uuid", "ipaAnchorUUID", SYSDB_OVERRIDE_ANCHOR_UUID, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_user_override_object_class", "ipaUserOverride", SYSDB_OVERRIDE_USER_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ipa_group_override_object_class", "ipaGroupOverride", SYSDB_OVERRIDE_GROUP_CLASS, NULL},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_name", "uid", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_uid_number", "uidNumber", SYSDB_UIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_gecos", "gecos", SYSDB_GECOS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_home_directory", "homeDirectory", SYSDB_HOMEDIR, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_shell", "loginShell", SYSDB_SHELL, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_name", "cn", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_user_ssh_public_key", "ipaSshPubKey", SYSDB_SSH_PUBKEY, NULL },
a1210c8db81a1cc0b45eb62a8450abcdea3afc7bSumit Bose    { "ldap_user_certificate", "userCertificate;binary", SYSDB_USER_CERT, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct dp_option ipa_def_krb5_opts[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_backup_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_ccachedir", DP_OPT_STRING, { DEFAULT_CCACHE_DIR }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_ccname_template", DP_OPT_STRING, NULL_STRING, NULL_STRING},
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_validate", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_backup_kpasswd", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_store_password_if_offline", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_renewable_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_lifetime", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_renew_interval", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_use_fast", DP_OPT_STRING, { "try" }, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_fast_principal", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_canonicalize", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_use_enterprise_principal", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_use_kdcinfo", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "krb5_map_user", DP_OPT_STRING, NULL_STRING, NULL_STRING },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    DP_OPTION_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_service_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_object_class", "ipService", SYSDB_SVC_CLASS, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_name", "cn", SYSDB_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_port", "ipServicePort", SYSDB_SVC_PORT, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_proto", "ipServiceProtocol", SYSDB_SVC_PROTO, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_service_entry_usn", NULL, SYSDB_USN, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_autofs_mobject_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_map_name", "automountMapName", SYSDB_AUTOFS_MAP_NAME, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březinastruct sdap_attr_map ipa_autofs_entry_map[] = {
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_entry_key", "automountKey", SYSDB_AUTOFS_ENTRY_KEY, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
676bf6dda60776d9db79dad1c2506c0e57bb5503Pavel Březina};
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březinastruct sdap_attr_map ipa_sudorule_map[] = {
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_object_class", "ipasudorule", SYSDB_IPA_SUDORULE_OC, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_name", "cn", SYSDB_NAME, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_enabled_flag", "ipaEnabledFlag", SYSDB_IPA_SUDORULE_ENABLED, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_option", "ipaSudoOpt", SYSDB_IPA_SUDORULE_OPTION, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_runasuser", "ipaSudoRunAs", SYSDB_IPA_SUDORULE_RUNASUSER, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_runasgroup", "ipaSudoRunAsGroup", SYSDB_IPA_SUDORULE_RUNASGROUP, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_allowcmd", "memberAllowCmd", SYSDB_IPA_SUDORULE_ALLOWCMD, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_denycmd", "memberDenyCmd", SYSDB_IPA_SUDORULE_DENYCMD, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_host", "memberHost", SYSDB_IPA_SUDORULE_HOST, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_user", "memberUser", SYSDB_IPA_SUDORULE_USER, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_notafter", "sudoNotAfter", SYSDB_IPA_SUDORULE_NOTAFTER, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_notbefore", "sudoNotBefore", SYSDB_IPA_SUDORULE_NOTBEFORE, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_sudoorder", "sudoOrder", SYSDB_IPA_SUDORULE_SUDOORDER, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_cmdcategory", "cmdCategory", SYSDB_IPA_SUDORULE_CMDCATEGORY, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_hostcategory", "hostCategory", SYSDB_IPA_SUDORULE_HOSTCATEGORY, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_usercategory", "userCategory", SYSDB_IPA_SUDORULE_USERCATEGORY, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_runasusercategory", "ipaSudoRunAsUserCategory", SYSDB_IPA_SUDORULE_RUNASUSERCATEGORY, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_runasgroupcategory", "ipaSudoRunAsGroupCategory", SYSDB_IPA_SUDORULE_RUNASGROUPCATEGORY, NULL },
a7d2b4f157194c14bc4a40c74f6416b82befa460Pavel Březina    { "ipa_sudorule_runasextuser", "ipaSudoRunAsExtUser", SYSDB_IPA_SUDORULE_RUNASEXTUSER, NULL },
a7d2b4f157194c14bc4a40c74f6416b82befa460Pavel Březina    { "ipa_sudorule_runasextgroup", "ipaSudoRunAsExtGroup", SYSDB_IPA_SUDORULE_RUNASEXTGROUP, NULL },
a7d2b4f157194c14bc4a40c74f6416b82befa460Pavel Březina    { "ipa_sudorule_runasextusergroup", "ipaSudoRunAsExtUserGroup", SYSDB_IPA_SUDORULE_RUNASEXTUSERGROUP, NULL },
991c9f47fcb24704b880f60ab8ee77cfda056e2cPavel Březina    { "ipa_sudorule_externaluser", "externalUser", SYSDB_IPA_SUDORULE_EXTUSER, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    { "ipa_sudorule_entry_usn", "entryUSN", SYSDB_USN, NULL },
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
a2057618f30a3c64bdffb35a2ef3c2ba148c8a03Pavel Březina};
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březinastruct sdap_attr_map ipa_sudocmdgroup_map[] = {
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    { "ipa_sudocmdgroup_object_class", "ipasudocmdgrp", SYSDB_IPA_SUDOCMDGROUP_OC, NULL },
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    { "ipa_sudocmdgroup_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    { "ipa_sudocmdgroup_name", "cn", SYSDB_NAME, NULL },
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    { "ipa_sudocmdgroup_member", "member", SYSDB_MEMBER, NULL },
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    { "ipa_sudocmdgroup_entry_usn", "entryUSN", SYSDB_USN, NULL },
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
ed8650be18af26b7bf389e1246f7e8cdb363f829Pavel Březina};
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březinastruct sdap_attr_map ipa_sudocmd_map[] = {
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina    { "ipa_sudocmd_object_class", "ipasudocmd", SYSDB_IPA_SUDOCMD_OC, NULL },
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina    { "ipa_sudocmd_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina    { "ipa_sudocmd_sudoCmd", "sudoCmd", SYSDB_IPA_SUDOCMD_SUDOCMD, NULL },
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina    { "ipa_sudocmd_memberof", "memberOf", SYSDB_MEMBEROF, NULL },
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina    SDAP_ATTR_MAP_TERMINATOR
cc7766c8456653ab5d7dedbf432cb1711a905804Pavel Březina};