summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c
Commit message (Collapse)AuthorAgeFilesLines
* Teach ipa-pwd-extop to respect global ipaUserAuthType settingsNathaniel McCallum2014-02-111-141/+26
| | | | https://fedorahosted.org/freeipa/ticket/4105
* Add OTP sync support to ipa-pwd-extopNathaniel McCallum2014-02-111-192/+194
|
* Remove generation and handling of LM hashesSumit Bose2013-11-011-15/+2
| | | | https://fedorahosted.org/freeipa/ticket/3795
* Use the right attribute with ipapwd_entry_checks for MagicRegenSumit Bose2013-10-081-1/+2
| | | | | | | | | | | | | There is a special mode to set the ipaNTHash attribute if a RC4 Kerberos key is available for the corresponding user. This is typically triggered by samba via the ipa_sam passdb plugin. The principal used by samba to connect to the IPA directory server has the right to modify ipaNTHash but no other password attribute. This means that the current check on the userPassword attribute is too strict for this case and leads to a failure of the whole operation. With this patch the access right on ipaNTHash are checked if no other password operations are requested.
* Add OTP support to ipa-pwd-extopNathaniel McCallum2013-05-171-7/+300
| | | | | | | | | During LDAP bind, this now plugin determines if a user is enabled for OTP authentication. If so, then the OTP is validated in addition to the password. This allows 2FA during user binds. https://fedorahosted.org/freeipa/ticket/3367 http://freeipa.org/page/V3/OTP
* Remove unnecessary prefixes from ipa-pwd-extop filesNathaniel McCallum2013-05-171-0/+1349
generated by cgit (git 2.34.1) at 2024-05-18 10:23:29 +0000