| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Move some ACI functions around in preparation for cli delegation
|
|
|
|
|
|
|
| |
Current ipa-python imports and calls code from ipaserver (which is in
the ipa-server package). This makes it impossible to use the admin
tools or the ipa-python package on a system without the server bits
installed. This fixes that in a fairly minimal way.
|
|
|
|
|
| |
For now I've added a new API call. The field-specific searching is
a ways off.
|
|
|
|
|
| |
Karl MacMillan
Remove #!/usr/bin/python from many files to quiet rpmlint
|
| |
|
| |
|
|
|
|
| |
Also a couple double-escaping fixes I missed in the last patch.
|
| |
|
|
|
|
|
|
|
| |
Don't read ipa.conf to get the realm, the kerberos libs do that for you.
Use the krbPrincipalName to change passwords
Make it possible to specify the principal at user creation.
Mail is not a required attribute so far, don't require it.
|
|
|
|
| |
Added a couple more API calls to make the inverse operations easier.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Install the turbogears web gui including an init script. This
patch includes a few related changes:
* create a production configuration
* rename the web gui startup scrip to ipa-webgui
* add an init script
* chkconfig on the ipa-webgui init script
* make the start script properly daemonize the app when not
in a development directory.
* Install everything to the correct places (/usr/sbin/ipa-webgui
and /usr/share/ipa/ipagui mainly).
There are some things still left to do:
* Sort out the logging - the config needs to be adjusted so
that logging messages end up in /var/log.
|
|
|
|
|
| |
Renamed some of the user_group parameters to be self-evident.
Binary wrapping isn't necessary on strings, so removed from xmlrpc calls.
|
|
|
|
| |
Fixes a bug with the group by member where is wasn't trapping not found errors.
|
| |
|
|\ |
|
| |
| |
| |
| | |
Use the filter generation code to search on multiple fields.
|
| |
| |
| |
| |
| | |
Limit editgroup user ajax search.
Minor UI cleanup for editgroup.
|
| |
| |
| |
| |
| |
| | |
name and location of the keytab. In order for this keytab to be usable
TurboGears and Apache will need to run as the same user. We will also need
to listen only on localhost in TG.
|
|/
|
|
| |
Remove some unused calls to retrieve the current realm
|
|
|
|
|
|
| |
This way it returns results even if the search times out.
The find_users() search now returns a counter as the first result, which
is set to -1 if the results are partial.
|
|
|
|
|
|
| |
Implement adding a group to a group
Some other small fixups
Add new cmd-line tool ipa-delgroup
|
|
|
|
|
|
|
|
| |
removes the need for LDIF conversion. It will make TurboGears direct
code faster, but should keep xmlrpc about the same speed.
The patch also swaps out ldap.cidict for the IPA CIDict class. IPA code
should only use the CIDict class now.
|
|
|
|
|
|
|
|
|
| |
Create separate object for Users and Groups (using same base class)
Check for uniqueness before adding new users and groups
Remove user_container from everything but add operations
Abstract out a number of functions that are common across users and groups
Make sure all strings passed in to be in a filter are checked
Add new error message: No modifications specified
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rpcclient.py must call XML-RPC functions with all arguments.
Removed encode_args and decode_args. They were the source of most of the
argument pain. Now opts is alwyas appended to the end of the arguments
so MUST be the last argument in any server-side function (can be None)
Allow the User object to handle unicode data
Small fixes to command-line tools to be friendlier
Broke out get_user() into get_user_by_dn() and get_user_by_uid()
Need to request more than just 'nsAccountLock' attribute when trying to
see if a user is already marked deleted. If it is blank the record
coming back is empty. Add 'uid' to the list to guarantee something coming
back (dn is handled specially)
Added user_container attribute to get_user_* and add_user so the caller
can specify where in the tree the user will be searched for/added.
Added global default value for user_container
|
| |
|
|
|
|
|
| |
object. Based on rcrit's original patch.
Push scalar to list value conversion inside funcs.py.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Fix fields to be lowercase in web gui (server now returns them lowercase).
Fix ipaclient.py to refer to lowercase fields when adding a user.
Fix user.getValue() to check isinstance(value,list) instead of value[0].
|
|
|
|
|
| |
Comment some functions
Add attribute argument to get_user()
|
|
|
|
|
| |
Add ability to update existing users
Try to prevent fetching and setting empty strings
|
|
|
|
| |
Implement user search
|
|
- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires
- Remove references to admin server in ipa-server-setupssl
- Generate a client certificate for the XML-RPC server to connect to LDAP with
- Create a keytab for Apache
- Create an ldif with a test user
- Provide a certmap.conf for doing SSL client authentication
- Update tools to use kerberos
- Add User class
|