summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* user associationsAdam Young2011-01-041-1/+1
| | | | user assocaitions had been removed. This adds them back in.
* Improvements to enrollments in the webUI.Pavel Zuna2011-01-045-33/+124
| | | | | | | | | | | | TAKE 1 - Enrollement links in the action panel are now sorted by relationships. - You can only enroll members. (The webUI made the impression you can enroll parents as well, but it was broken.) - When enrolling new members, you can choose not to display already enrolled ones. (On by default.) - Couple cosmetic changes.
* Improve filtering of enrollments search results.Pavel Zuna2011-01-046-13/+68
| | | | | | | | | | | | | | | | | | | | | | This is required for effective filtering of enrollments search results in the webUI and also gives an edge to the CLI. After this patch, each LDAPObject can define its relationships to other LDAPObjects. For now, this is used only for filtering search results by enrollments, but there are probably more benefits to come. You can do this for example: # search for all users not enrolled in group admins ipa user-find --not-in-groups=admins # search for all groups not enrolled in group global with user Pavel ipa group-find --users=Pavel --not-in-groups=global # more examples: ipa group-find --users=Pavel,Jakub --no-users=Honza ipa hostgroup-find --hosts=webui.pzuna
* Don't use Class of Service for account activation, use attribute.Rob Crittenden2011-01-043-86/+5
| | | | | | | | | | To support group-based account disablement we created a Class of Service where group membership controlled whether an account was active or not. Since we aren't doing group-based account locking drop that and use nsaccountlock directly. ticket 568
* Make sure that the messagebus service is started.Rob Crittenden2011-01-041-0/+2
| | | | | | | This will prevent certmonger failures. On very minimal installs it seems that messagebus is not always started. ticket 528
* Remove unnecessary options from host-del.Rob Crittenden2011-01-041-1/+1
| | | | | | For some reason it was inheriting LDAPCreate.options... ticket 652
* Don't allow a user's uid to be set to 0.Rob Crittenden2011-01-041-0/+1
| | | | ticket 578
* Disable action panel links when the selected entry is deleted.Pavel Zuna2011-01-031-1/+5
| | | | Fix #685
* fail clean add and editAdam Young2011-01-031-1/+1
| | | | | | Don't close the dialog if the add fails and the user clickes add and edit fixes. https://fedorahosted.org/freeipa/ticket/663
* netgroups created by hostgroups lacked info ↵Jr Aquino2011-01-031-0/+2
| | | | https://fedorahosted.org/freeipa/ticket/653
* status labelAdam Young2010-12-231-1/+1
| | | | Change the label for the account status field IAW https://fedorahosted.org/freeipa/ticket/677
* Remove description field from configAdam Young2010-12-231-1/+0
| | | | | | This field does not exist https://fedorahosted.org/freeipa/ticket/677
* fix reset passwrodAdam Young2010-12-231-1/+1
| | | | The way we store the user object returned from user-find --whoami changed, and this code was not updated
* hide autommountAdam Young2010-12-231-1/+0
| | | | since automount is not yet implemented, remove it from the menu
* Become IPA v2 beta 1 (2.0.0.pre1)beta_1-2-0-0Rob Crittenden2010-12-221-3/+3
|
* hidden filterAdam Young2010-12-223-5/+30
| | | | | | The filter field on aci add is hidden, and prefilled with an object class that doesn't exist. Fixed the error where the other fields were removed
* Ask for reverse zone creation only when --setup-bind is specifiedJakub Hrozek2010-12-221-1/+3
|
* Update built-in help for user (ipa help user) with info about username format.Pavel Zuna2010-12-221-0/+6
| | | | Ticket #436
* Move permissions and privileges to their own container, cn=pbac,$SUFFIXRob Crittenden2010-12-229-234/+241
| | | | ticket 638
* dbe instead of lde One line bug fix for compat and nis toolsJr Aquino2010-12-222-2/+2
|
* Fix webUI command parameters error on Fedora 14.Pavel Zuna2010-12-221-1/+9
|
* Fix ipa-replica-manage man page to reflect current statusSimo Sorce2010-12-221-27/+47
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/627
* Temporary fix for 'connect' operationsSimo Sorce2010-12-211-1/+1
| | | | | | | Currently the code depends on using a password to create replication agreements. so this patch forces the request of the dirmgr password until we can fix the internal issues that prevent using the amdin user with SASL/GSSAPI to create replication agreements.
* Make ipa-replica-manage del actually remove all replication agreementsSimo Sorce2010-12-212-55/+52
| | | | | | | | The previous code was removing only one agreement, leaving all other in place. This would leave dangling replication agreements once the replica is uninstalled. Fixes: https://fedorahosted.org/freeipa/ticket/624
* Do not require DNS record, just warn if one is missingJakub Hrozek2010-12-211-9/+8
|
* Fix to man page for ipa-compat-manage There was a typo for the manpage, this ↵Jr Aquino2010-12-211-1/+1
| | | | is a one liner to fix.
* Rework old init and synch commands and use better names.Simo Sorce2010-12-213-30/+65
| | | | | | | | These commands can now be run exclusively o the replica that needs to be resynced or reinitialized and the --from command must be used to tell from which other replica it can will pull data. Fixes: https://fedorahosted.org/freeipa/ticket/626
* Remove referrals when removing agreementsSimo Sorce2010-12-214-8/+37
| | | | | | | | | Part of this fix requires also giving proper permission to change the replication agreements root. While there also fix replica-related permissions to have the classic add/modify/remove triplet of permissions. Fixes: https://fedorahosted.org/freeipa/ticket/630
* Make ipa-replica-manage list return all known mastersSimo Sorce2010-12-213-22/+51
| | | | | | | if ipa-replica-manage list is given a master name as argument then the tool has the old behavior of listing that specific master replication agreements Fixes: https://fedorahosted.org/freeipa/ticket/625
* Rename add command to connect in ipa-replica-manageSimo Sorce2010-12-211-35/+71
| | | | | | This change also improves command syntax parsing Fixes: https://fedorahosted.org/freeipa/ticket/623
* Add disconnect command to ipa-replica-manageSimo Sorce2010-12-212-2/+109
| | | | | | | | Can remove replication agreements between 2 replicas as long as it is not the last agreement (except for Ad replication agreements, which can always be removed). Fixes: https://fedorahosted.org/freeipa/ticket/551
* Remove common entries when deleting a master.Simo Sorce2010-12-215-40/+152
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/550
* Add replication related acis to all replicasSimo Sorce2010-12-214-12/+17
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/617
* populate the group select upon initial creationAdam Young2010-12-211-1/+1
| | | | Fixes the delegation add dialog
* In meta data make ACI attributes lower-case, sorted. Add possible attributes.Rob Crittenden2010-12-214-4/+11
| | | | | | | | | | | | The metadata contains a list of possible attributes that an ACI for that object might need. Add a new variable to hold possible objectclasses for optional elements (like posixGroup for groups). To make the list easier to handle sort it and make it all lower-case. Fix a couple of missed camel-case attributes in the default ACI list. ticket 641
* Fix reporting of errors when validating parameters.Pavel Zuna2010-12-212-2/+11
| | | | | | | | | | | | | | | | | | Print the attribute CLI name instead of its 'real' name. The real name is usually the name of the corresponding LDAP attribute, which is confusing to the user. This way we get: Invalid 'login': blablabla instead of: Invalid 'uid': blablabla Another example: Invalid 'hostname': blablabla instead of: Invalid 'fqdn': blablabla Ticket #435
* Added some fields to DNS2 pluginJan Zeleny2010-12-211-18/+13
| | | | | | | Field idnszoneactive is marked as optional, because it is set to true by default (see class dnszone_add). https://fedorahosted.org/freeipa/ticket/601
* Fix the mod operations.Pavel Zuna2010-12-211-0/+1
|
* SUDO plugin support for external hosts and users ↵Jr Aquino2010-12-212-6/+269
| | | | https://fedorahosted.org/freeipa/ticket/570
* sudo: treat mepOriginEntry hostgroups differently - if a hostgroup named by ↵Nalin Dahyabhai2010-12-211-1/+2
| | | | the memberHost attribute is not also a mepOriginEntry, proceed as before - if a hostgroup named by the memberHost attribute is also a mepOriginEntry, read its "cn" attribute, prepend a "+" to it, and call it done
* sudo and netgroup schema compat updates - fix quoting of netgroup entries - ↵Nalin Dahyabhai2010-12-213-12/+33
| | | | don't bother looking for members of netgroups by looking for entries which list "memberOf: $netgroup" -- the netgroup should list them as "member" values - use newer slapi-nis functionality to produce cn=sudoers - drop the real cn=sudoers container to make room for the compat container
* Fix race condition in installation due to use of asynchronous search.Simo Sorce2010-12-211-19/+12
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/640
* additions to patch 118Adam Young2010-12-202-10/+1
|
* aci uiAdam Young2010-12-2043-371/+3160
| | | | | | | | | | | | | | | | | | | | | | | | | | | Implements the role, privilege, permission, delegation and selfservice entities ui. Targetgroup has been added to the object types. The groups lists need to be filter. The filter is currently hidden, with a hyperlink that reads 'filter' to unhide it. Each keystroke in this filter performs an AJAX request to the server. There are bugs on the server side that block some of the functionality from completing Creating a Permission requires one of 4 target types. The add dialog in this version assumes the user will want to create a filter type. They can change this on the edit page. Most search results come back with the values as arrays, but ACIs seem not to. Search and details both required special code to handle non-arrays. The unit tests now make use of the 'module' aspect of QUnit. This means that future unit test will also need to specify the module. The advantage is that multiple tests can share a common setup and teardown. Bugs that need to be fixed before this works 100% are https://fedorahosted.org/freeipa/ticket/634 https://fedorahosted.org/freeipa/ticket/633
* cusor pointer for undo linkAdam Young2010-12-202-1/+5
|
* Change FreeIPA license to GPLv3+Jakub Hrozek2010-12-20277-2006/+2468
| | | | | | | | | | The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
* Translate the membergroup dn into a group name.Rob Crittenden2010-12-202-21/+29
| | | | | | Drop filter from the output, it is superfluous. ticket 634
* Enable filtering search results by member attributes.Pavel Zuna2010-12-204-2/+37
| | | | | | | | | | | | | | LDAPSearch base class has now the ability to generate additional options for objects with member attributes. These options are used to filter search results - search only for objects without the specified members. Example: ipa group-find --no-users=admin Only direct members are taken into account. Ticket #288
* Allow RDN changes from CLIJakub Hrozek2010-12-203-1/+49
| | | | https://fedorahosted.org/freeipa/ticket/397
* Clarify ipa-replica-install error messageJakub Hrozek2010-12-201-2/+2
|
generated by cgit (git 2.34.1) at 2024-06-18 13:16:23 +0000