freeipa.git/install/tools/man, branch systemd-master FreeIPA project Add explicit instructions to ipa-replica-manage for winsync replication 2011-10-14T07:05:06+00:00 Rob Crittenden rcritten@redhat.com 2011-10-13T22:34:23+00:00 eaec3c4968148fd86e3fef9c7b7093ef4bf9f8ed https://fedorahosted.org/freeipa/ticket/1946 
https://fedorahosted.org/freeipa/ticket/1946
Hostname used by IPA must be a system hostname 2011-10-13T04:54:41+00:00 Martin Kosek mkosek@redhat.com 2011-10-13T10:16:15+00:00 77cc5e024601ae7be6ce706499d5f403c8b71408 Make sure that the hostname IPA uses is a system hostname. If user passes a non-system hostname, update the network settings and system hostname in the same way that ipa-client-install does. This step should prevent various services failures which may not be ready to talk to IPA with non-system hostname. https://fedorahosted.org/freeipa/ticket/1931 
Make sure that the hostname IPA uses is a system hostname. If user
passes a non-system hostname, update the network settings and
system hostname in the same way that ipa-client-install does.

This step should prevent various services failures which may not
be ready to talk to IPA with non-system hostname.

https://fedorahosted.org/freeipa/ticket/1931
Fix DNS permissions and membership in privileges 2011-10-10T03:44:22+00:00 Rob Crittenden rcritten@redhat.com 2011-10-05T21:16:05+00:00 7bd3b3e12147b794c4cf2f4457df5e20638c7b0e This resolves two issues: 1. The DNS acis lacked a prefix so weren't tied to permissions 2. The permissions were added before the privileges so the member values weren't calculated properly For updates we need to add in the members and recalculate memberof via a DS task. https://fedorahosted.org/freeipa/ticket/1898 
This resolves two issues:

1. The DNS acis lacked a prefix so weren't tied to permissions
2. The permissions were added before the privileges so the member
   values weren't calculated properly

For updates we need to add in the members and recalculate memberof via
a DS task.

https://fedorahosted.org/freeipa/ticket/1898
- note that PKCS#12 files also contain private keys, and that the "pkinit" options refer to the KDC's credentials 2011-10-05T02:59:56+00:00 Nalin Dahyabhai nalin@redhat.com 2011-10-04T22:29:45+00:00 7d5106de976140e8425152a83a300be9dc49372a 






Be more clear about selfsign option
2011-10-04T09:00:42+00:00

Martin Kosek
mkosek@redhat.com

2011-10-03T10:30:34+00:00

28603e0c3ac20390a860347afb7a6ed976166e03

Installing IPA server --selfsign option is currently a one-way ticket
to server with limited certificate capabilities. Make sure that user
really want to install it by implementing the following steps:

- moving the option to the bottom of certificate options section
- adding a warning to ipa-server-install man page
- adding a warning to ipa-server-install help
- adding a warning to ipa-server-install configuration summary
  when one runs ipa-server-install

https://fedorahosted.org/freeipa/ticket/1908





Installing IPA server --selfsign option is currently a one-way ticket
to server with limited certificate capabilities. Make sure that user
really want to install it by implementing the following steps:

- moving the option to the bottom of certificate options section
- adding a warning to ipa-server-install man page
- adding a warning to ipa-server-install help
- adding a warning to ipa-server-install configuration summary
  when one runs ipa-server-install

https://fedorahosted.org/freeipa/ticket/1908







25 Create Tool for Enabling/Disabling Managed Entry Plugins
2011-09-21T07:22:13+00:00

JR Aquino
jr.aquino@citrix.com

2011-09-20T16:13:42+00:00

1ac613fc183f03420fa6321e39ad47d15a209e0a

Remove legacy ipa-host-net-manage
Add ipa-managed-entries tool
Add man page for ipa-managed-entries tool

https://fedorahosted.org/freeipa/ticket/1181





Remove legacy ipa-host-net-manage
Add ipa-managed-entries tool
Add man page for ipa-managed-entries tool

https://fedorahosted.org/freeipa/ticket/1181







Add ipa-adtrust-install utility
2011-09-14T22:45:13+00:00

Sumit Bose
sbose@redhat.com

2011-09-07T08:17:12+00:00

29a7a7e8cee8ec767ee8f5bb67534c68d2fcc2b5

https://fedorahosted.org/freeipa/ticket/1619





https://fedorahosted.org/freeipa/ticket/1619







Update ipa-ldap-updater man page saying it is not an end-user utility
2011-09-14T12:39:55+00:00

Rob Crittenden
rcritten@redhat.com

2011-09-13T20:08:58+00:00

ba1bdda25f1345fe015b3ba0abc6996bee223d35

https://fedorahosted.org/freeipa/ticket/1792





https://fedorahosted.org/freeipa/ticket/1792







Improve man pages structure
2011-09-07T10:55:12+00:00

Martin Kosek
mkosek@redhat.com

2011-09-05T09:04:17+00:00

dc3d0f387918b3de2f8e7898408e04e11cc30363

There are too many options in ipa-*-install scripts which makes it
difficult to read. This patch adds subsections to install script
online help and man pages to improve readability. No option has
been changed.

To further improve man pages:

1) All man pages were changed to have the same header and top-center
   title to provide united look.

2) Few typos in man pages have been fixed

https://fedorahosted.org/freeipa/ticket/1687





There are too many options in ipa-*-install scripts which makes it
difficult to read. This patch adds subsections to install script
online help and man pages to improve readability. No option has
been changed.

To further improve man pages:

1) All man pages were changed to have the same header and top-center
   title to provide united look.

2) Few typos in man pages have been fixed

https://fedorahosted.org/freeipa/ticket/1687







Let Bind track data changes
2011-08-31T14:46:12+00:00

Martin Kosek
mkosek@redhat.com

2011-08-31T12:42:57+00:00

6a2dfde086bdda62964a9737a300818d2ab24a4b

Integrate new bind-dyndb-ldap features to automatically track
DNS data changes:

 1) Zone refresh
    Set --zone-refresh in installation to define number of seconds
    between bind-dyndb-ldap polls for new DNS zones. User now
    doesn't have to restart name server when a new zone is added.

 2) New zone notifications
    Use LDAP persistent search mechanism to immediately get
    notification when any new DNS zone is added. Use --zone-notif
    install option to enable. This option is mutually exclusive
    with Zone refresh.

To enable this functionality in existing IPA installations,
update a list of arguments for bind-dyndb-ldap in /etc/named.conf.
An example when zone refresh is disabled and DNS data change
notifications (argument psearch of bind-dyndb-ldap) are enabled:

dynamic-db "ipa" {
...
        arg "zone_refresh 0";
        arg "psearch yes";
};

This patch requires bind-dyndb-ldap-1.0.0-0.1.b1 or later.

https://fedorahosted.org/freeipa/ticket/826





Integrate new bind-dyndb-ldap features to automatically track
DNS data changes:

 1) Zone refresh
    Set --zone-refresh in installation to define number of seconds
    between bind-dyndb-ldap polls for new DNS zones. User now
    doesn't have to restart name server when a new zone is added.

 2) New zone notifications
    Use LDAP persistent search mechanism to immediately get
    notification when any new DNS zone is added. Use --zone-notif
    install option to enable. This option is mutually exclusive
    with Zone refresh.

To enable this functionality in existing IPA installations,
update a list of arguments for bind-dyndb-ldap in /etc/named.conf.
An example when zone refresh is disabled and DNS data change
notifications (argument psearch of bind-dyndb-ldap) are enabled:

dynamic-db "ipa" {
...
        arg "zone_refresh 0";
        arg "psearch yes";
};

This patch requires bind-dyndb-ldap-1.0.0-0.1.b1 or later.

https://fedorahosted.org/freeipa/ticket/826