Changes between Version 2 and Version 3 of ALL__security_acis

Timestamp:

11/24/14 16:37:47 (10 years ago)

Author:

lttoth@…

Comment:

--

ALL__security_acis

@@ -79 +79 @@
                       and link both roles to the ACI in this step.
 
-7.  Invoke the macro which constructs the entire set of ACI creation commands from the ACI Attribs and ACI Logic 
-    tabbed pages:
+===7.  Invoke the macro which constructs the entire set of ACI creation commands ===
+ from the ACI Attribs and ACI Logic tabbed pages:
 
       SHIFT+CONTROL+L
@@ -87 +87 @@
     in LDIF on the LDIF tabbed page.  When the macro completes, save the workbook with all your changes.
 
-8.  Transfer the ACI creation commands from the LDIF tabbed page of the spreadsheet to a text file on a directory host.
+=== 8.  Transfer the ACI creation commands from the LDIF tabbed page ===
+ of the spreadsheet to a text file on a directory host.
 
     On any "e" box, as UNIX user iplanet
@@ -104 +105 @@
     spreadsheet into the file.
 
-9.  Add the new ACI to the Test directory by dropping and recreating all ACIs in that instance. 
+=== 9.  Add the new ACI to the Test directory ===
+by dropping and recreating all ACIs in that instance. 
 
       apply_acisTest.ksh  <your ACI file name>
@@ -122 +124 @@
     of the directory tree (dn: dc=Alaska,dc=edu).  Normally there are no ACIs there.
 
-10. Make the ACI change visible to the EDIR and AUTHSERV gateways by running the following two scripts on all of the "e"
+=== 10. Make the ACI change visible to the EDIR and AUTHSERV gateways ===
+ by running the following two scripts on all of the "e"
     boxes (or at least on those "e" boxes serving EDIR/AUTHSERV, which are currently egegik and eklutna).  The gateways 
     cannot see the ACIs inside the LDAP server and so depend on the files updated by these scripts to find out what 
@@ -130 +133 @@
       (as ldapgw)  ~ldapgw/local/scripts/static_list_maint.ksh Test
 
-11. If you defined the ACI on the ACI Logic tabbed page using a roledn in the ACI bind rule, e.g.
+=== 11. Special Cases ===
+
+If you defined the ACI on the ACI Logic tabbed page using a roledn in the ACI bind rule, e.g.
 
       ldap:///cn=fooRole,ou=resource,dc=alaska,dc=edu
@@ -168 +173 @@
     Feed the LDIF above to the directory with ldap_modify<Instance>, e.g. ldap_modifyTest.
 
-12. Test the new ACI.  If it works correctly, promote the new ACI to Prep and Production in turn by repeating Step 5 with 
+=== 12. Test the new ACI. ===
+ If it works correctly, promote the new ACI to Prep and Production in turn by repeating Step 5 with 
     the apply_acisPrep.ksh and apply_acisProd.ksh scripts.  If the ACI does not and cannot be made to work correctly, roll 
     back the changes you made by dropping and recreating all ACIs with the previous ACI file you identified in Step 4 above.
@@ -174 +180 @@
     EDIRrole and assign it to the 
 
-13. Copy the ACI file you created to the other directory hosts so that it will be available as the rollback ACI file for the
+=== 13. Copy the ACI file you created to the other directory hosts ===
+ so that it will be available as the rollback ACI file for the
     next person who creates an ACI.
 
@@ -186 +193 @@
       done
 
-#######################
-DOCUMENT CHANGE HISTORY
-
-20090731 mpa  Somehow managed to permanently enable macros, so removed the steps for enabling them each time workbook is 
-              opened.
+########################################################
+LEGACY CHANGE HISTORY - NOTE: All subsequent changes are recorded in TracWiki
+########################################################
+
+20090731 mpa  Somehow managed to permanently enable macros, so removed the steps for enabling them each time workbook is opened.
 20090707 mpa  Added steps to 
               - advise that ad hoc creation of ACI may be the best first step.