sssd ldap_sudo_search_base has been made dynamic

2024-11-28 02:12:25 +03:00 · 2019-07-16 15:42:37 +03:00 · 2019-07-16 15:42:37 +03:00 · c76256a050
commit c76256a050
parent fe3625aac8
2 changed files with 2 additions and 1 deletions
--- a/src/base/registration/config-files/sssd.conf
+++ b/src/base/registration/config-files/sssd.conf
@ -37,7 +37,7 @@ override_shell = /bin/bash
 enumerate = true
 cache_credentials = true
 sudo_provider = ldap
-ldap_sudo_search_base = ou=Roles,dc=liderahenk,dc=org
+###ldap_sudo_search_base###
 ###90 days
 ldap_sudo_full_refresh_interval=7776000
 ###30 days
--- a/src/base/registration/execute_sssd_authentication.py
+++ b/src/base/registration/execute_sssd_authentication.py
@ -48,6 +48,7 @@ class ExecuteSSSDAuthentication:
            file_data = file_data.replace("###ldap_search_base###", "ldap_search_base = " + dn)
            file_data = file_data.replace("###ldap_user_search_base###", "ldap_user_search_base = " + dn)
            file_data = file_data.replace("###ldap_group_search_base###", "ldap_group_search_base = " + dn)
+            file_data = file_data.replace("###ldap_sudo_search_base###", "ldap_sudo_search_base = ou=Roles," + dn)

            file_sssd.close()
            file_sssd = open(sssd_config_file_path, 'w')