A little test suite for LDAP ACLs.

author: Guilhem Moulin <guilhem.moulin@fripost.org> 2012-08-20 01:53:16 +0200
committer: Guilhem Moulin <guilhem.moulin@fripost.org> 2012-08-20 01:53:16 +0200
commit: ded29bf9eb3fa40c56eb9ace365d13e6348e215c (patch)
tree: 328d4a3fc3b9fd5e9d696df601bb193204565d8f /ldap/README
parent: d7173895fa7c31b033c2bffd2fb43d1ffbe2159b (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/ldap/README b/ldap/README
new file mode 100644
index 0000000..037ae65
--- /dev/null
+++ b/ldap/README
@@ -0,0 +1,30 @@
+/!\ This work is still in developpement, DO NOT run/install that on a
+production server!
+
+
+Since the user now have (partial) write access to the LDAP directory, it
+is of crucial importance to configure the ACL properly.
+
+ * "populate.ldif" is meant to provide at least an example of every
+single situation we may encounter in our directory.
+
+ * "test-user-acl.sh" checks the database against the ACLs.
+
+
+/!\ Every modification to the schema or the ACLs should be made to
+"populate.ldif" and "test-user-acl.sh" too!
+
+
+Usage:
+
+  * Load the ACLs:
+ 
+    ldapmodify -Y EXTERNAL -H ldapi:/// -f acl.ldif
+
+  * Repopulate the database (will clear it out first!):
+    
+    ldapdelete -Y EXTERNAL -H ldapi:/// -r "ou=virtual,o=mailHosting,dc=fripost,dc=dev" ; ldapadd -Y EXTERNAL -H ldapi:/// -f populate.ldif
+
+  * Running the test suite:
+
+    sudo ./test-user-acl.sh
author	Guilhem Moulin <guilhem.moulin@fripost.org>	2012-08-20 01:53:16 +0200
committer	Guilhem Moulin <guilhem.moulin@fripost.org>	2012-08-20 01:53:16 +0200
commit	ded29bf9eb3fa40c56eb9ace365d13e6348e215c (patch)
tree	328d4a3fc3b9fd5e9d696df601bb193204565d8f /ldap/README
parent	d7173895fa7c31b033c2bffd2fb43d1ffbe2159b (diff)