version: 1 dn: dc=brq,dc=redhat,dc=com objectClass: top objectClass: domain dc: brq aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access" ; allow (read, search, compare) userdn="ldap:///anyone";) aci: (targetattr="carLicense || description || displayName || facsimileTelep honeNumber || homePhone || homePostalAddress || initials || jpegPhoto || la beledURI || mail || mobile || pager || photo || postOfficeBox || postalAddr ess || postalCode || preferredDeliveryMethod || preferredLanguage || regist eredAddress || roomNumber || secretary || seeAlso || st || street || teleph oneNumber || telexNumber || title || userCertificate || userPassword || use rSMIMECertificate || x500UniqueIdentifier")(version 3.0; acl "Enable self w rite for common attributes"; allow (write) userdn="ldap:///self";) aci: (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allo w (all) (groupdn = "ldap:///cn=Directory Administrators, dc=brq,dc=redhat,d c=com");) dn: cn=Directory Administrators,dc=brq,dc=redhat,dc=com objectClass: top objectClass: groupofuniquenames cn: Directory Administrators uniqueMember: cn=Directory Manager dn: ou=Groups,dc=brq,dc=redhat,dc=com objectClass: top objectClass: organizationalunit ou: Groups dn: ou=People,dc=brq,dc=redhat,dc=com objectClass: top objectClass: organizationalunit ou: People aci: (targetattr ="userpassword || telephonenumber || facsimiletelephonenumb er")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ldap:///self");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Accounting)")(versi on 3.0;acl "Accounting Managers Group Permissions";allow (write)(groupdn = "ldap:///cn=Accounting Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Human Resources)")( version 3.0;acl "HR Group Permissions";allow (write)(groupdn = "ldap:///cn= HR Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn ||sn || uid")(targetfilter ="(ou=Product Testing)")(v ersion 3.0;acl "QA Group Permissions";allow (write)(groupdn = "ldap:///cn=Q A Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Product Development )")(version 3.0;acl "Engineering Group Permissions";allow (write)(groupdn = "ldap:///cn=PD Managers,ou=groups,dc=brq,dc=redhat,dc=com");) dn: ou=Special Users,dc=brq,dc=redhat,dc=com objectClass: top objectClass: organizationalUnit ou: Special Users description: Special Administrative Accounts dn: cn=u1,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u1 gidNumber: 16000 homeDirectory: /networld/u1 sn: u1 uid: u1 uidNumber: 30000 gecos: test user 1 loginShell: /bin/bash userPassword:: e1NTSEF9R2ZVQWVyaHB6OGhWdFh0ZnNPakx0TkVLcFdJZHlEZkUrT043S1E9P Q== dn: cn=u2,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u2 gidNumber: 16000 homeDirectory: /networld/u2 sn: u2 uid: u2 uidNumber: 30001 gecos: test user 2 loginShell: /bin/bash userPassword:: e1NTSEF9dVBiK09LM3BVRUhwVkwzM1B0L2tYUEZnTlduaXRaaEJLZFdvUGc9P Q== dn: cn=u3,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u3 gidNumber: 16000 homeDirectory: /networld/u3 sn: u3 uid: u3 uidNumber: 30003 gecos: test user 3 loginShell: /bin/bash userPassword:: e1NTSEF9dVBiK09LM3BVRUhwVkwzM1B0L2tYUEZnTlduaXRaaEJLZFdvUGc9P Q== dn: cn=DEV,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: groupOfUniqueNames objectClass: top cn: DEV dn: cn=QA,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: groupOfUniqueNames objectClass: top cn: QA dn: cn=groupX,cn=DEV,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: groupX gidNumber: 10001 description: SSSD 55000 Test Group member: cn=u3,ou=People,dc=brq,dc=redhat,dc=com dn: cn=groupA,cn=QA,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: groupA gidNumber: 10002 description: SSSD 55000 Test Group member: cn=u1,ou=People,dc=brq,dc=redhat,dc=com member: cn=groupX,cn=DEV,ou=Groups,dc=brq,dc=redhat,dc=com member: cn=u4,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com member: cn=u5,cn=QA,ou=Groups,dc=brq,dc=redhat,dc=com member: cn=groupC,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com dn: cn=groupB,cn=QA,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: groupB gidNumber: 10003 description: SSSD 55000 Test Group member: cn=u2,ou=People,dc=brq,dc=redhat,dc=com dn: cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com objectClass: groupOfUniqueNames objectClass: top cn: NewHires aci: (targetattr ="userpassword || telephonenumber || facsimiletelephonenumb er")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "ldap:///self");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Accounting)")(versi on 3.0;acl "Accounting Managers Group Permissions";allow (write)(groupdn = "ldap:///cn=Accounting Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Human Resources)")( version 3.0;acl "HR Group Permissions";allow (write)(groupdn = "ldap:///cn= HR Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn ||sn || uid")(targetfilter ="(ou=Product Testing)")(v ersion 3.0;acl "QA Group Permissions";allow (write)(groupdn = "ldap:///cn=Q A Managers,ou=groups,dc=brq,dc=redhat,dc=com");) aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Product Development )")(version 3.0;acl "Engineering Group Permissions";allow (write)(groupdn = "ldap:///cn=PD Managers,ou=groups,dc=brq,dc=redhat,dc=com");) dn: cn=u4,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u4 gidNumber: 16000 homeDirectory: /networld/u4 sn: u4 uid: u4 uidNumber: 30010 gecos: test user 4 loginShell: /bin/bash userPassword:: e1NTSEF9dVBiK09LM3BVRUhwVkwzM1B0L2tYUEZnTlduaXRaaEJLZFdvUGc9P Q== dn: cn=u5,cn=QA,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u5 gidNumber: 16000 homeDirectory: /networld/u4 sn: u5 uid: u5 uidNumber: 30011 gecos: test user 5 loginShell: /bin/bash userPassword:: e1NTSEF9dVBiK09LM3BVRUhwVkwzM1B0L2tYUEZnTlduaXRaaEJLZFdvUGc9P Q== dn: cn=groupC,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixGroup objectClass: groupOfNames objectClass: top cn: groupC gidNumber: 10006 description: SSSD 55000 Test Group member: cn=u6,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com dn: cn=u6,cn=NewHires,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: inetuser objectClass: person objectClass: top cn: u6 gidNumber: 16000 homeDirectory: /networld/u6 sn: u6 uid: u6 uidNumber: 30020 gecos: test user 6 loginShell: /bin/bash userPassword:: e1NTSEF9dVBiK09LM3BVRUhwVkwzM1B0L2tYUEZnTlduaXRaaEJLZFdvUGc9P Q== dn: uid=ldapuser1,ou=People,dc=brq,dc=redhat,dc=com objectClass: posixAccount objectClass: top objectClass: account cn: LDAP User 1 gidNumber: 1001 homeDirectory: /home/ldapuser1 uid: ldapuser1 uidNumber: 1001 loginShell: /bin/bash userPassword:: e0NSWVBUfXdFUFUxZm9OZVplQXM= dn: cn=ldapuser1,ou=Groups,dc=brq,dc=redhat,dc=com objectClass: posixGroup objectClass: top cn: ldapuser1 gidNumber: 1001 memberUid: 1001