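# ----------------------------------------------------------------------------
# Sample directory data: users, hosts and a demo application policy tree
# under dc=example,dc=com.
#
# Security notes for anyone importing this file:
#   - Every account carries the same cleartext credential
#     (userPassword: secret) and the same safehausTokenPin (1234).
#   - "attr:: value" is LDIF's marker for a base64-encoded value. It is an
#     encoding, not protection: the demo application's
#     "userpassword:: c2VjcmV0" decodes to the same string "secret".
#   - safehausFactor / safehausSecret values are placeholders, and several
#     accounts share identical values (see the per-section notes).
#   Treat the whole file as fixture data for an isolated test directory and
#   replace every credential before the entries are used anywhere else.
# ----------------------------------------------------------------------------

# ----------------------------------------------------------------------------
# Sample Hauskeys Users
# ----------------------------------------------------------------------------
# NOTE(review): aeinstein and nbohr carry the same safehausFactor value;
# presumably this value is meant to be per-account -- confirm before reusing
# these entries as a template.

dn: uid=mplanck, ou=Users, dc=example,dc=com
cn: Max Planck
sn: Planck
givenName: Max
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: extensibleObject
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: mplanck
krb5PrincipalName: mplanck@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: mplanck@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 666
apacheSamType: 7
safehausUid: mplanck
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 27304238
safehausSecret:: aaaabbbbccccdddd
safehausFailuresInEpoch: 0
safehausResynchCount: -1
safehausTokenPin: 1234
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

dn: uid=aeinstein, ou=Users, dc=example,dc=com
cn: Albert Einstein
sn: Einstein
givenName: Albert
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: extensibleObject
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: aeinstein
krb5PrincipalName: aeinstein@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: aeinstein@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 666
apacheSamType: 7
safehausUid: aeinstein
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 8745127341
safehausSecret:: eeeeffffgggghhhh
safehausFailuresInEpoch: 0
safehausResynchCount: -1
safehausTokenPin: 1234
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

dn: uid=nbohr, ou=Users, dc=example,dc=com
cn: Neils Bohr
sn: Bohr
givenName: Neils
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: extensibleObject
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: nbohr
krb5PrincipalName: nbohr@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: nbohr@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 666
apacheSamType: 7
safehausUid: nbohr
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 8745127341
safehausSecret:: iiiijjjjkkkkllll
safehausFailuresInEpoch: 0
safehausResynchCount: -1
safehausTokenPin: 1234
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

# ----------------------------------------------------------------------------
# Sample Local Users (not 2-factor)
# ----------------------------------------------------------------------------
# mborn, wpauli and mcurie share one safehausFactor and one safehausSecret.
# NOTE(review): that safehausSecret is written with "::" (base64) but contains
# characters outside the base64 alphabet (& @ ) ^ *). A strict LDIF parser may
# reject the entry or decode it differently from a lenient one -- confirm
# whether a literal value ("safehausSecret: ...") was intended. The value is
# left unchanged here.

dn: uid=mborn, ou=Users, dc=example,dc=com
cn: Max Born
sn: Born
givenName: Max
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: mborn
krb5PrincipalName: mborn@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: mborn@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 667
safehausUid: mborn
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 917483720127847
safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
safehausFailuresInEpoch: 0
safehausTokenPin: 1234
safehausResynchCount: -1
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

dn: uid=wpauli, ou=Users, dc=example,dc=com
cn: Wolfgang Pauli
sn: Pauli
givenName: Wolfgang
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: wpauli
krb5PrincipalName: wpauli@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: wpauli@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 667
safehausUid: wpauli
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 917483720127847
safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
safehausFailuresInEpoch: 0
safehausTokenPin: 1234
safehausResynchCount: -1
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

dn: uid=mcurie, ou=Users, dc=example,dc=com
cn: Marie Curie
sn: Curie
givenName: Marie
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: safehausProfile
ou: Users
uid: mcurie
krb5PrincipalName: mcurie@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: mcurie@example.com
telephoneNumber: +1 904 982 6882
facsimileTelephoneNumber: +1 904 982 6883
roomNumber: 667
safehausUid: mcurie
safehausRealm: EXAMPLE.COM
safehausLabel: example realm
safehausFactor: 917483720127847
safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
safehausFailuresInEpoch: 0
safehausTokenPin: 1234
safehausResynchCount: -1
safehausInfo: test account
safehausNotifyBy: sms
userPassword: secret

# ----------------------------------------------------------------------------
# Sample External Users (not 2-factor)
# ----------------------------------------------------------------------------
# These entries hold no credentials; each is a referral to another server.
# NOTE(review): the ref URLs use the ldap:// scheme, so a client that follows
# them connects without TLS unless it negotiates StartTLS itself -- confirm
# this is acceptable for the target environment.

dn: uid=pdirac, ou=Users, dc=example,dc=com
objectClass: top
objectClass: uidObject
objectClass: extensibleObject
objectClass: referral
uid: pdirac
ref: ldap://ad.example.com/uid=pdirac, ou=Users, dc=example,dc=com

dn: uid=efermi, ou=Users, dc=example,dc=com
objectClass: top
objectClass: uidObject
objectClass: extensibleObject
objectClass: referral
uid: efermi
ref: ldap://openldap.example.com/uid=efermi, ou=Users, dc=example,dc=com

dn: uid=rfeynman, ou=Users, dc=example,dc=com
objectClass: top
objectClass: uidObject
objectClass: extensibleObject
objectClass: referral
uid: rfeynman
ref: ldap://apacheds.example.com/uid=rfeynman, ou=Users, dc=example,dc=com

# ----------------------------------------------------------------------------
# Sample Hosts
# ----------------------------------------------------------------------------
# Host (service) principals are stored under ou=Users and use the same
# cleartext sample password as the user accounts.

dn: uid=hostssh, ou=Users, dc=example,dc=com
cn: SSH Service
sn: Service
givenName: SSH
objectClass: top
objectClass: uidObject
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
ou: Users
uid: hostssh
krb5PrincipalName: host/www.example.com@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: admin@example.com
userPassword: secret

# The uid value must match the RDN of the entry (uid=hostssh2). It was
# previously "hostssh", which contradicted the DN and made a search on
# uid=hostssh match both host entries.
dn: uid=hostssh2, ou=Users, dc=example,dc=com
cn: SSH Service
sn: Service
givenname: SSH
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: krb5Principal
objectclass: krb5KDCEntry
ou: Users
uid: hostssh2
krb5PrincipalName: host/kerberos.example.com@EXAMPLE.COM
krb5KeyVersionNumber: 0
mail: admin@example.com
userPassword: secret

# ----------------------------------------------------------------------------
# Demo Application
# ----------------------------------------------------------------------------
# Layout of the policy tree below appname=demo:
#   ou=permissions  one policyPermission entry per permission name
#   ou=roles        policyRole entries, each listing the permissions it grants
#   ou=profiles     policyProfile entries binding a user to roles, optionally
#                   with extra "grants" or "denials"
# The application's own userpassword is base64-encoded ("::"), not hashed.

dn: appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyApplication
objectclass: top
appname: demo
description: Demo application.
userpassword:: c2VjcmV0

dn: ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: organizationalUnit
objectclass: top
ou: permissions

dn: permname=bend,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyPermission
objectclass: top
permname: bend

dn: permname=fold,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyPermission
objectclass: top
permname: fold

dn: permname=mutilate,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyPermission
objectclass: top
permname: mutilate

dn: permname=spindle,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyPermission
objectclass: top
permname: spindle

dn: permname=twist,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyPermission
objectclass: top
permname: twist

dn: ou=roles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: organizationalUnit
objectclass: top
ou: roles

# superuser grants all five permissions defined above.
dn: rolename=superuser,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyRole
objectclass: top
grants: bend
grants: fold
grants: mutilate
grants: spindle
grants: twist
rolename: superuser

dn: rolename=untrusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyRole
objectclass: top
grants: bend
rolename: untrusted

dn: rolename=trusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyRole
objectclass: top
grants: bend
grants: fold
grants: mutilate
rolename: trusted

dn: ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: organizationalUnit
objectclass: top
ou: profiles

# nbohr has two profiles: this one (trusted) and nbohr-superuser below.
dn: profileid=nbohr,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
profileid: nbohr
roles: trusted
user: nbohr

# superuser role with "fold" listed under denials.
# NOTE(review): how a profile-level denial is weighed against a role-level
# grant is decided by the consuming policy engine, not by this file -- verify.
dn: profileid=nbohr-superuser,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
denials: fold
profileid: nbohr-superuser
roles: superuser
user: nbohr

dn: profileid=wpauli,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
grants: twist
profileid: wpauli
roles: trusted
user: wpauli

dn: profileid=aeinstein,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
grants: spindle
profileid: aeinstein
roles: trusted
user: aeinstein

dn: profileid=mcurie,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
profileid: mcurie
roles: untrusted
user: mcurie

# ----------------------------------------------------------------------------
# Demo Application Profiles For Ready Made Hauskeys Accounts
#
# Apache    => apache
# Citi401k  => citi401k
# Codehaus  => codehaus
# OfficeW2k => officew2k
# BankOne   => bankone
#
# The user entries these profiles refer to are not defined in this file.
# ----------------------------------------------------------------------------

dn: profileid=apache,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
denials: fold
profileid: apache
roles: trusted
user: apache

dn: profileid=citi401k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
grants: twist
profileid: citi401k
roles: trusted
user: citi401k

dn: profileid=codehaus,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
grants: spindle
profileid: codehaus
roles: trusted
user: codehaus

dn: profileid=officew2k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
profileid: officew2k
roles: untrusted
user: officew2k

dn: profileid=bankone,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
objectclass: policyProfile
objectclass: top
profileid: bankone
roles: untrusted
user: bankone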