From 3084a1ed35c5492c7a076a5647c6f4cb941a6e3b Mon Sep 17 00:00:00 2001 From: Ken Rowland Date: Wed, 24 Jul 2024 08:17:13 -0400 Subject: [PATCH] HPCC-28546 OUs created with Authenticated Users access rights Removed Authenticated Users access rights for OUs when created Signed-Off-By: Kenneth Rowland kenneth.rowland@lexisnexisrisk.com --- system/security/LdapSecurity/ldapconnection.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/security/LdapSecurity/ldapconnection.cpp b/system/security/LdapSecurity/ldapconnection.cpp index 35e74cd1450..ef4eb7ab07a 100644 --- a/system/security/LdapSecurity/ldapconnection.cpp +++ b/system/security/LdapSecurity/ldapconnection.cpp @@ -1671,8 +1671,8 @@ class CLdapClient : implements ILdapClient, public CInterface //Create base LDAP OU tree. Specify PT_ADMINISTRATORS_ONLY to ensure each OU //grants access to Administrators only createLdapBasedn(NULL, m_ldapconfig->getResourceBasedn(RT_DEFAULT), PT_ADMINISTRATORS_ONLY, nullptr); - createLdapBasedn(NULL, m_ldapconfig->getResourceBasedn(RT_FILE_SCOPE), PT_DEFAULT, nullptr); - createLdapBasedn(NULL, m_ldapconfig->getResourceBasedn(RT_WORKUNIT_SCOPE), PT_DEFAULT, nullptr); + createLdapBasedn(NULL, m_ldapconfig->getResourceBasedn(RT_FILE_SCOPE), PT_ADMINISTRATORS_ONLY, nullptr); + createLdapBasedn(NULL, m_ldapconfig->getResourceBasedn(RT_WORKUNIT_SCOPE), PT_ADMINISTRATORS_ONLY, nullptr); createLdapBasedn(NULL, m_ldapconfig->getUserBasedn(), PT_ADMINISTRATORS_ONLY, nullptr); createLdapBasedn(NULL, m_ldapconfig->getGroupBasedn(), PT_ADMINISTRATORS_ONLY, nullptr);