| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
439891
|
|
|
|
| |
440282
|
|
|
|
| |
439281
|
|
|
|
| |
438387
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do account activation by using a Class of Service based on group
membership. A problem can happen if the entry itself has an nsaccountlock
attribute and you try doing Class of Service work as well because the
local attribute has priority. So try to detect that the entry has a local
nsAccountLock attribute and report an appropriate error.
Don't allow the admins or editors groups to be de-activated.
Return a better error message if account [in]activation fails.
Catch errors when doing group [in]activation.
439230
|
|
|
|
|
|
| |
If a site really wants it gone then can delete it via LDAP.
439281
|
|
|
|
|
|
|
| |
This is more kerberos-like and it doesn't hurt anything, we just won't
allow realms other than our own to be used.
437566
|
|
|
|
|
| |
Fix error in service principals where the service wasn't being removed before
doing the DNS lookup.
|
|
|
|
| |
433880
|
|
|
|
|
|
| |
There is a --force option for those who know what they are doing.
433483
|
|
|
|
| |
434542
|
| |
|
|
|
|
| |
fix some problems reported by pychecker.
|
|
|
|
|
|
|
| |
This adds the UI and does error checking of the selected object classes but
it doesn't actually use the values yet.
It also generalizes some functions for doing multi-valued fields.
|
|
|
|
| |
Don't allow the default group for users to be removed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes a default password policy
Custom fields are now read from LDAP. The format is a list of
dicts with keys: label, field, required.
The LDAP-based configuration now specifies:
ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title
ipaGroupSearchFields: cn,description
ipaSearchTimeLimit: 2
ipaSearchRecordsLimit: 0
ipaCustomFields:
ipaHomesRootDir: /home
ipaDefaultLoginShell: /bin/sh
ipaDefaultPrimaryGroup: ipausers
ipaMaxUsernameLength: 8
ipaPwdExpAdvNotify: 4
This could use some optimization.
|
| |
|
|
|
|
|
| |
Better error reporting in the GUI
Include a document describing how multi-valued fields work
|
|
|
|
|
| |
Karl MacMillan
Remove #!/usr/bin/python from many files to quiet rpmlint
|
|
|
|
|
|
| |
Modify the way we detect SELinux to use selinuxenabled instead of using
a try/except.
Handle SASL/GSSAPI authentication failures when getting a connection
|
|
|
|
|
| |
Add new class of errors for connections
Raise an exception if a connection cannot be made due to missing ccache
|
|
|
|
|
|
|
|
|
| |
Create separate object for Users and Groups (using same base class)
Check for uniqueness before adding new users and groups
Remove user_container from everything but add operations
Abstract out a number of functions that are common across users and groups
Make sure all strings passed in to be in a filter are checked
Add new error message: No modifications specified
|
|
Move LDAPError trapping/conversion into the ipaldap module.
Fix xmlrpc layer to encode/decode ipaerrors properly.
Also, implement mid-air collision exception for updates.
|