From 28e009be9f8b400dde040cc33c6e0be597f74920 Mon Sep 17 00:00:00 2001
From: Thomas Constans <thomas@opendoor.fr>
Date: Wed, 23 Nov 2022 21:38:20 +0100
Subject: [PATCH] solution

---
 Readme.md               | 23 +++++++++++++++++++++++
 acl_monitor_config.ldif | 12 ++++++++++++
 root.ldif               | 12 ++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 Readme.md
 create mode 100644 acl_monitor_config.ldif
 create mode 100644 root.ldif

diff --git a/Readme.md b/Readme.md
new file mode 100644
index 0000000..4e8393d
--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,23 @@
+# Tâches post installation
+
+Base ldap configurée: dc=example,dc=fr
+
+DN de l'admin: cn=manager,dc=example,dc=fr
+
+## Définir la racine de l'arbre
+
+## Définir le dn de l'administrateur
+
+## Attribuer un mot de passe à l'administrateur
+
+Voir fichier root.ldif
+
+
+## Faciliter l'accès aux branches cn=config et cn=monitor
+
+Voir le fichier acl_monitor_config.ldif
+
+Injecter ensuite chaque fichier à l'aide de la commande:
+```bash
+sudo ldapadd -Y EXTERNAL -H ldapi:/// -f fichier
+```
\ No newline at end of file
diff --git a/acl_monitor_config.ldif b/acl_monitor_config.ldif
new file mode 100644
index 0000000..66ed417
--- /dev/null
+++ b/acl_monitor_config.ldif
@@ -0,0 +1,12 @@
+dn: olcDatabase={0}config,cn=config
+changetype: modify
+replace: olcaccess
+olcaccess: to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by dn.base=cn=manager,dc=example,dc=fr  manage by * none
+
+dn: olcDatabase={1}monitor,cn=config
+changetype: modify
+replace: olcaccess
+olcaccess: to * by
+  dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by
+  dn.base=cn=manager,dc=example,dc=fr  manage by * none
+
diff --git a/root.ldif b/root.ldif
new file mode 100644
index 0000000..830b582
--- /dev/null
+++ b/root.ldif
@@ -0,0 +1,12 @@
+dn: olcDatabase={2}mdb,cn=config
+changetype: modify
+replace: olcsuffix
+olcsuffix: dc=example,dc=fr
+-
+replace: olcrootdn
+olcrootdn: cn=manager,dc=example,dc=fr
+-
+replace: olcrootpw
+#123Soleil, obtenu via la commande slappasswd
+olcrootpw: {SSHA}bWn23pdsB6At2dH2sZN3L5HxqiV17NpF
+