summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* move dns to identity tabAdam Young2011-07-221-4/+4
| | | | fix JSL warning
* Fixed click handlers on certificate buttons.Endi S. Dewata2011-07-221-5/+10
| | | | | The click event handlers for certificate buttons have been fixed to stop standard event processing which causes the page to change.
* remove hardcoded DNS label for record name.Adam Young2011-07-221-1/+2
| | | | https://fedorahosted.org/freeipa/ticket/1493
* Fixed navigation unit test.Endi S. Dewata2011-07-221-2/+2
| | | | | The mock-up get_state() has been modified to return an empty object if it's called without parameter. It's the same as $bbq.getState().
* Fixed navigation problems.Endi S. Dewata2011-07-223-59/+105
| | | | | | | | | | | | The navigation code has been modified store the facet's state separately in the facet object itself. The path state is stored in the navigation object. When the path is changed to view a new facet, only the path and the state of the new facet will be shown in the URL, thus keeping the URL short. This fixes pagination, bookmark and search filter problems as well. Ticket #1507, 1516, 1517
* Fixed problem with navigation state loading.Endi S. Dewata2011-07-221-8/+30
| | | | | | | | The select event handler in the navigation tab has been modified to distinguish the source of the event. If the event is triggered by URL hash change, it will use the state specified in the URL. If the event is triggered by a mouse click, it will use the state stored internally.
* Refactored IPA.current_facet().Endi S. Dewata2011-07-227-48/+32
| | | | | | | | The IPA.current_facet() has been merged into IPA.entity.setup() and replaced by IPA.entity.get_facet(). The setup() will read the current facet's name from the <entity>-facet URL parameter and store the facet object in the entity object. The get_facet() without any parameter will return the current facet object.
* Fix ipa-compat-manage not working after recent ipa-nis-manage change.Jan Cholasta2011-07-222-42/+68
| | | | ticket 1147
* Autofill the default revocation reasonRob Crittenden2011-07-222-1/+2
| | | | https://fedorahosted.org/freeipa/ticket/1514
* Hide the HBAC access type attribute now that deny is deprecated.Rob Crittenden2011-07-213-8/+9
| | | | | | | It won't appear in the UI/CLI but is still available via XML-RPC. allow is the default and deny will be rejected. https://fedorahosted.org/freeipa/ticket/1495
* Remove wrong kpasswd sysconfigJakub Hrozek2011-07-211-3/+0
|
* Ticket 1485 - DN pairwise groupingJohn Dennis2011-07-213-222/+398
| | | | | | | | | | | | | | | | | | | | | The pairwise grouping used to form RDN's and AVA's proved to be confusing in practice, this patch removes that functionality thus requiring programmers to explicitly pair attr,value using a tuple or list. In addition it was discovered additional functionality was needed to support some DN operations in freeipa. DN objects now support startswith(), endswith() and the "in" membership test. These functions and operators will accept either a DN or RDN. The unittest was modified to remove the pairwise tests and add new explicit tests. The unittest was augmented to test the new functionality. In addition the unittest was cleaned up a bit to use common utilty functions for improved readabilty and robustness. The documentation was updated. fix test_role_plugin use of DN to avoid pairwise grouping
* Add missing automount summariesMartin Kosek2011-07-211-0/+40
| | | | | https://fedorahosted.org/freeipa/ticket/1509 https://fedorahosted.org/freeipa/ticket/1510
* Removed custom layouts using HTML templates.Endi S. Dewata2011-07-2122-1172/+84
| | | | | | | The code for supporting custom layouts using HTML templates has been removed. If it's needed again in the future the code can be restored. Ticket #1501
* Removed HBAC access time code.Endi S. Dewata2011-07-211-344/+0
| | | | | | | | The HBAC access time is currently not supported, so the related UI code has been removed to reduce maintenance issue. When the feature becomes supported in the future the code may be restored/rewritten. Ticket #546
* Fixed problem loading data in HBAC/sudo details page.Endi S. Dewata2011-07-213-21/+51
| | | | | | | | In a recent change the details page was changed to create and locate field containers with 'details-field' CSS class. The HBAC and sudo custom details pages have been modified to use the same CSS class. Ticket #1508
* Removed entitlement registration UUID field.Endi S. Dewata2011-07-211-4/+9
| | | | | | | | | The UUID field has been removed from the entitlement registration dialog box because it's currently not supported. The code has been modified not to send empty UUID value should this become supported in the future. Ticket #1506
* Creating reverse zones from IP address.Endi S. Dewata2011-07-202-16/+181
| | | | | | | | | | A custom adder dialog has been added for DNS zones to simplify creating reverse zones from IP address. The dialog provides a checkbox which indicates whether the content of the zone name field is an IP address. The IP address will be used to generate the reverse zone name and email address. Ticket #1045
* Added checkbox to remove hosts from DNS.Endi S. Dewata2011-07-204-54/+125
| | | | | | | A custom deleter dialog for hosts has been added to provide an option whether to remove the hosts from DNS. Ticket #1470
* no dnsAdam Young2011-07-202-3/+20
| | | | | | | | | Remove all DNS entities if the DNS server is not installed. Removes it from the navigation as well. https://fedorahosted.org/freeipa/ticket/1498 move created count to last thing in the funciton.
* Only call entry_from_entry() after waiting for the new entry.Rob Crittenden2011-07-191-1/+1
| | | | This fixes an indentation problem.
* Add Alexander Bokovoy and Jan Cholasta to contributors fileRob Crittenden2011-07-191-0/+2
|
* Make ipa-client-install error messages more understandable and relevant.Rob Crittenden2011-07-193-36/+53
| | | | | | | | | | | * Check remote LDAP server to see if it is a V2 server * Replace numeric return values with alphanumeric constants * Display the error message from the ipa-enrollment extended op * Remove generic join failed error message when XML-RPC fails * Don't display Certificate subject base when enrollment fails * Return proper error message when LDAP bind fails https://fedorahosted.org/freeipa/ticket/1417
* Set a default minimum value for class Int, handle long values better.Rob Crittenden2011-07-192-30/+37
| | | | | | | Allow a long to get as far as the min/max constraints where we can compare it to min/max int values and reject with a proper error message. https://fedorahosted.org/freeipa/ticket/1494
* With the external user/group management fixed, correct the unit tests.Rob Crittenden2011-07-201-3/+3
| | | | | The unit tests were incorrectly expecting the removed data back when removing external users.
* Correct sudo runasuser and runasgroup attributes in schemaJr Aquino2011-07-192-0/+41
| | | | https://fedorahosted.org/freeipa/ticket/1309
* Correct behavior for sudorunasgroup vs sudorunasuserJr Aquino2011-07-192-0/+3
| | | | https://fedorahosted.org/freeipa/ticket/1309
* Fix regression when calculating external groups.Rob Crittenden2011-07-191-1/+1
| | | | | The members should be the current members of the entry, not the refreshed copy
* Fix sssd.conf to always have IPA certificate for the domain.Alexander Bokovoy2011-07-181-0/+6
| | | | | | | | | Fixes https://fedorahosted.org/freeipa/ticket/1476 SSSD will need TLS for checking if ipaMigrationEnabled attribute is set Note that SSSD will force StartTLS because the channel is later used for authentication as well if password migration is enabled. Thus set the option unconditionally.
* Don't set krbLastPwdChange when setting a host OTP password.Rob Crittenden2011-07-183-37/+70
| | | | | | | | | | | | | | We have no visibility into whether an entry has a keytab or not so krbLastPwdChange is used as a rough guide. If this value exists during enrollment then it fails because the host is considered already joined. This was getting set when a OTP was added to a host that had already been enrolled (e.g. you enroll a host, unenroll it, set a OTP, then try to re-enroll). The second enrollment was failing because the enrollment plugin thought it was still enrolled becaused krbLastPwdChange was set. https://fedorahosted.org/freeipa/ticket/1357
* A removed external host is shown in output when removing external hosts.Rob Crittenden2011-07-181-3/+3
| | | | | | This is just a display problem, the host is actually removed from the entry. https://fedorahosted.org/freeipa/ticket/1492
* Fix sudorule-remove-userMartin Kosek2011-07-191-2/+2
| | | | | | | Removed sudorule "External User" is displayed in the output when "--all" switch is used. https://fedorahosted.org/freeipa/ticket/1489
* Don't delete NIS netgroup compat suffix on 'ipa-nis-manage disable'.Jan Cholasta2011-07-191-15/+0
| | | | ticket 1469
* Optionally wait for 389-ds postop plugins to completeRob Crittenden2011-07-1913-3/+120
| | | | | | | | | | | Add a new command that lets you wait for an attribute to appear in a value. Using this you can do things like wait for a managed entry to be created, adding a new objectclass to the parent entry. This is controlled by a new booleon option, wait_for_attr, defaulting to False. https://fedorahosted.org/freeipa/ticket/1144
* Clean up of IP address checks in install scripts.Jan Cholasta2011-07-194-38/+13
| | | | | | Fixes ipa-dns-install incorrect warning. ticket 1486
* 35 remove escapes from the cvs parser in ipaserver/install/ldapupdate ↵Jr Aquino2011-07-191-2/+1
| | | | https://fedorahosted.org/freeipa/ticket/1472
* Change client enrollment principal prompt to hopefully be clearer.Rob Crittenden2011-07-191-1/+1
| | | | ticket https://fedorahosted.org/freeipa/ticket/1449
* Rearrange logging for NSCD daemon.Alexander Bokovoy2011-07-181-1/+4
| | | | | | | https://fedorahosted.org/freeipa/ticket/1373 When SSSD is in use, we actually trying to disable NSCD daemon. Telling that we failed to configure automatic _startup_ of the NSCD is wrong then.
* Return correct "RunAs External Group" when removing membersJr Aquino2011-07-181-4/+4
| | | | | | | | | If you used sudorule-remove-runasgroup to remove a member that member still appeared in the command output when --all was included (it isn't a default attribute). This was due to post-processing to evaluate external users/groups, the entry was actually updated properly. https://fedorahosted.org/freeipa/ticket/1348
* Specify the package name when the replication plugin is missing.Rob Crittenden2011-07-181-1/+2
| | | | ticket https://fedorahosted.org/freeipa/ticket/1155
* Fixed host details fields.Endi S. Dewata2011-07-181-11/+11
| | | | | | | The host details facet has been fixed to remove a redundant field and include some missing fields. Ticket #1484
* Removed reverse zones from host adder dialog.Endi S. Dewata2011-07-182-9/+31
| | | | | | | The host adder dialog has been modified to specify the new flag for retrieving the forward zones only. Ticket #1458
* Entity select widget improvementsEndi S. Dewata2011-07-1818-297/+453
| | | | | | | | The IPA.entity_select_widget has been modified into a searchable and editable drop down list. The base functionality has been extracted into IPA.combobox_widget. Ticket #1361
* Update minimum required version of python-netaddr.Jan Cholasta2011-07-171-0/+8
| | | | ticket 1288
* Generate a database password by default in all cases.Rob Crittenden2011-07-172-2/+2
| | | | | | | | | | | If the password passed in when creating a NSS certificate database is None then a random password is generated. If it is empty ('') then an empty password is set. Because of this the HTTP instance on replicas were created with an empty password. https://fedorahosted.org/freeipa/ticket/1407
* Set the ipa-modrdn plugin precedence to 60 so it runs lastRob Crittenden2011-07-172-0/+6
| | | | | | | | The default precedence for plugins is 50 and the run in more or less alphabetical order (but not guaranteed). This plugin needs to run after the others have already done their work. https://fedorahosted.org/freeipa/ticket/1370
* Set nickname of the RA to 'IPA RA' to avoid confusion with dogtag RARob Crittenden2011-07-171-2/+2
| | | | | | | | | | The old nickname was 'RA Subsystem' and this may confuse some users with the dogtag RA subsystem which we do not use. This will only affect new installs. Existing installations will continue to work fine. https://fedorahosted.org/freeipa/ticket/1236
* Fix failing tests due to object name changesRob Crittenden2011-07-172-8/+8
| | | | | Some object names had spaces in them which was bad, update the tests to reflect the new names.
* Create tool to manage dogtag replication agreementsRob Crittenden2011-07-177-30/+620
| | | | | | | | | | | | | | | | | | | | For the most part the existing replication code worked with the following exceptions: - Added more port options - It assumed that initial connections were done to an SSL port. Added ability to use startTLS - It assumed that the name of the agreement was the same on both sides. In dogtag one is marked as master and one as clone. A new option is added, master, the determines which side we're working on or None if it isn't a dogtag agreement. - Don't set the attribute exclude list on dogtag agreements - dogtag doesn't set a schedule by default (which is actually recommended by 389-ds). This causes problems when doing a force-sync though so if one is done we set a schedule to run all the time. Otherwise the temporary schedule can't be removed (LDAP operations error). https://fedorahosted.org/freeipa/ticket/1250
* Use information from the certificate subject when setting the NSS nickname.Rob Crittenden2011-07-174-21/+57
| | | | | | | | | | | There were a few places in the code where certs were loaded from a PKCS#7 file or a chain in a PEM file. The certificates got very generic nicknames. We can instead pull the subject from the certificate and use that as the nickname. https://fedorahosted.org/freeipa/ticket/1141
generated by cgit (git 2.34.1) at 2024-05-04 11:43:12 +0000