| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
| |
Keep instance specific data in /var/lib/dirsrv
|
| |
|
|
|
| |
Pass passwords to ldappasswd by using files.
Replace use of mozldap's ldappaswd with openldap's one.
|
| | |
|
| |
|
|
| |
ticket 347
|
| |
|
|
| |
ticket 247
|
| |
|
|
| |
ticket 325
|
| |
|
|
| |
ticket 226
|
| |
|
|
|
|
|
|
|
|
| |
It would be nicer if we disabled the command altogether but this would require
checking the server to see every time the ipa command is executed (which would
be bad). We can't store this in a configuration file because it is possible
to add a DNS post-install (and it would require adding this to every single
client install).
ticket 147
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Support is fairly basic right now and will only work on the CLI. All
the work is done on the client side.
To continue past errors use the --continue option.
Fixed a bug where direct mounts weren't always added properly.
Added real user documentation to the plugin.
ticket 78
|
| | |
|
| |
|
|
|
|
|
|
| |
Add automatic creation of python an C file lists for potfiles
Deletes useless copy of Makefile in install/po
Remove duplicate maintainer-clean target
Add debug target that prints file lists
Unbreak update-po target, merges in patch from John
|
| | |
|
| |
|
|
|
|
| |
This is a little bit of a copy and paste approach, as the code for__json__
was copied from baseldap. Long term, we want to rewrite this plugin as
an extension of baseldap anyway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an initial implementation of certificate management for
services. It addresses the mechanism required to view and update
certificates. The complete UI implementation will be addressed in
subsequent patches.
On the server side, the service.py has been modified to define
usercertificate in the service object's takes_params. This is
needed to generate the proper JSON metadata which is needed by
the UI. It also has been modified to accept null certificate for
deletion.
On the client side, the service details page has been modified to
display the base64-encoded certificate in a text area. When the
page is saved, the action handler will store the base64-encoded
certificate in the proper JSON structure. Also the service name
and service hostname are now displayed in separate fields.
The details configuration has been modified to support displaying
and updating certificates. The structure is changed to use maps
to define sections and fields. A section contains name, label,
and an array of fields. A field contains name, label, setup
function, load function, and save function. This is used to
implement custom interface and behavior for certificates.
All other entities, test cases, and test data have been updated
accordingly. Some functions and variables have been renamed to
improve clarity and consistency.
|
| |
|
|
| |
ticket 229
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The plugin required a base64-encoded certificate and always decoded it
before processing. This doesn't work with the UI because the json module
decodes binary values already.
Try to detect if the incoming value is base64-encoded and decode if
necessary. Finally, try to pull the cert apart to validate it. This will
tell us for sure that the data is a certificate, regardless of the format
it came in as.
ticket 348
|
| | |
|
| |
|
|
|
|
|
|
|
| |
There is no point (and it is confusing) to print an empty list when
modifying group membership fails, so suppress it.
If any membership change fails we should return non-zero.
tickets 271, 273, 274
|
| |
|
|
|
|
|
| |
ipa-dns-manage could fail in very odd ways depending on the current
configuration of the server. Handle things a bit better.
ticket 210
|
| |
|
|
|
|
|
| |
Give a better heads-up on how long the installation will take. Particularly
important when configuring dogtag.
ticket 139
|
| |
|
|
|
|
|
|
| |
Basically, make 'all' mutually exclusive. This makes debugging lots easier.
If say usercat='all' there is no point adding specific users to the rule
because it will always apply to everyone.
ticket 164
|
| |
|
|
| |
Populate the entity search pages with the results of a search with a blank filter even if no filter has been specified
|
| | |
|
| |
|
|
|
|
|
|
| |
Population of the policy and entites tabs.
DNS and ACI are broken due to PLugin issues
Fix for entities without search
Added new files to Makefile.am
used rolegroup.js file as the start point, renamed to serverconfig.js
|
| |
|
|
|
| |
Provide simplified logging macros that appropriately use __func__ __FILE__,
__LINE__, or the plugin name depending on the log level.
|
| |
|
|
| |
This fixes a har crash when someone tries to fetch a keytab
|
| |
|
|
|
|
|
|
| |
When we uninstall we wipe out the entire LDAP database, so it doesn't really
make mush sense to try to also remove single entries from it.
This avoids the --uninstall procedure to fail because the DM password is not
available or the LDAP server is down, and we are just trying to cleanup
everything.
|
| |
|
|
|
|
|
|
| |
This attribute is required for samba to properly identify a user has changed
it's password and doesn't need to change it again at next login.
At the same time, if we are forcing a pssword reset we also need to let samba
know the user must change its password.
|
| |
|
|
|
|
| |
Slapi plugins must use mozldap because 389 ds is compiled against that.
ipa_kpasswd, instead, should be linked against openldap.
So always make sure both are available.
|
| |
|
|
|
|
|
| |
One typo was mis-spelling the admins group name
The second was an extraneous 'aci' in the name of two acis.
ticket 335
|
| |
|
|
| |
This also corrects a duplication problem in acis.
|
| |
|
|
|
|
| |
The ipa_error_handler() has been modified to display the AJAX URL
that is having a problem. The ipa_cmd() error handler is now invoked
using call() to pass 'this' object which contains the URL.
|
| |
|
|
| |
Ticket #326
|
| |
|
|
| |
Ticket #292
|
| |
|
|
| |
Ticket #165
|
| |
|
|
| |
Ticket #321
|
| | |
|
| | |
|
| |
|
|
|
| |
A README file for the UI Unit Test has been added. It contains a link
to the online documentation: http://www.freeipa.org/page/UI_Unit_Tests
|
| |
|
|
|
|
| |
We were mistakenly removeing the latest password from the passwordHistory
once the max history values were reached. Make sure we remove the oldest one
instead.
|
| |
|
|
| |
Trun tabs into quartets of spaces. Fit lines to not exceed 80 columns.
|
| |
|
|
|
|
| |
By default LM hash is disabled.
Of course generation still depends on whether the SamAccount objectclass is
present in the user object.
|
| |
|
|
|
|
| |
Helps when you need to add random snippets of config that really do not deserve
a full atttribute, but are still something you want to put in LDAP and have
replicated.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Use __func__ in log functions instead of the explicit function name
so that if the function need to be renamed later logs reflect the
change automatically w/o the need to change all occurrences.
Also makes a grep for the function name less noisy avoiding tons of
false positives.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
1) Added new attribute memberDenyCommand
2) Renamed memberCmd to memberAllowCmd
3) Changed the object class:
* removed type
* reflected the rename change
* added the new attribute
4) Renumbered the attributes (while we still can) for consistency.
|
| |
|
|
|
| |
The ipa_entity_quick_links() has been modified to show tooltips when
hovering on quick links.
|
| |
|
|
| |
They were made as non-POSIX originally, keep them that way.
|
