freeipa.git - FreeIPA project

	Commit message (Collapse)	Author	Age	Files	Lines
*	Enforce the maximum username length set by IPA Policy	Rob Crittenden	2008-05-14	1	-0/+5
\| \| \| \|	439891
*	Don't allow the IPA server service principals to be removed.	Rob Crittenden	2008-05-08	1	-0/+5
\| \| \| \|	440282
*	Don't allow the admin user to be removed from the admins group.	Rob Crittenden	2008-04-04	1	-0/+5
\| \| \| \|	439281
*	Add missing normalizeDN() when removing members from a group.	Rob Crittenden	2008-04-04	1	-0/+5
\| \| \| \|	438387
*	Fix account activation.	Rob Crittenden	2008-03-31	1	-0/+25
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	We do account activation by using a Class of Service based on group membership. A problem can happen if the entry itself has an nsaccountlock attribute and you try doing Class of Service work as well because the local attribute has priority. So try to detect that the entry has a local nsAccountLock attribute and report an appropriate error. Don't allow the admins or editors groups to be de-activated. Return a better error message if account [in]activation fails. Catch errors when doing group [in]activation. 439230
*	Don't allow the admin user to be removed using the XML-RPC Interface.	Rob Crittenden	2008-03-28	1	-0/+5
\| \| \| \| \| \|	If a site really wants it gone then can delete it via LDAP. 439281
*	Allow the realm to be included in the name passed to add_service_principal()	Rob Crittenden	2008-03-17	1	-0/+5
\| \| \| \| \| \| \|	This is more kerberos-like and it doesn't hurt anything, we just won't allow realms other than our own to be used. 437566
*	Do argument type checking in the XML-RPC interface	Rob Crittenden	2008-02-29	1	-0/+5
\| \| \| \| \|	Fix error in service principals where the service wasn't being removed before doing the DNS lookup.
*	The admins group cannot be renamed.	Rob Crittenden	2008-02-27	1	-0/+5
\| \| \| \|	433880
*	Require that service principals resolve to a DNS A record.	Rob Crittenden	2008-02-26	1	-0/+5
\| \| \| \| \| \|	There is a --force option for those who know what they are doing. 433483
*	Don't allow a group to be a member of itself.	Rob Crittenden	2008-02-22	1	-0/+5
\| \| \| \|	434542
*	Set the license uniformly to GPLv2 only.	Rob Crittenden	2008-02-04	1	-1/+1
\|
*	Make the old entry option in update_*, check for empty parameters and	Rob Crittenden	2007-12-11	1	-3/+3
\| \| \| \|	fix some problems reported by pychecker.
*	Phase 1 of allowing admins to set the default object classes for users & groups	Rob Crittenden	2007-12-04	1	-0/+5
\| \| \| \| \| \| \|	This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields.
*	Don't allow the admins or editors groups to be removed.	Rob Crittenden	2007-11-30	1	-0/+15
\| \| \| \|	Don't allow the default group for users to be removed.
*	Implement the password policy UI and finish IPA policy UI	Rob Crittenden	2007-11-16	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
*	Handle ldap.UNWILLING_TO_PERFORM more gracefully	Rob Crittenden	2007-11-09	1	-0/+5
\|
*	Enable multi-value field support for some attributes on the edit pages	Rob Crittenden	2007-11-08	1	-0/+5
\| \| \| \| \|	Better error reporting in the GUI Include a document describing how multi-valued fields work
*	Fix build issues by combining patches submitted by Michael Gregg and	Rob Crittenden	2007-10-17	1	-2/+0
\| \| \| \| \|	Karl MacMillan Remove #!/usr/bin/python from many files to quiet rpmlint
*	Try to catch more error conditions during installation	rcritten@redhat.com	2007-10-03	1	-0/+5
\| \| \| \| \| \|	Modify the way we detect SELinux to use selinuxenabled instead of using a try/except. Handle SASL/GSSAPI authentication failures when getting a connection
*	Do group operations based on the group DN, not the CN	rcritten@redhat.com	2007-10-02	1	-1/+16
\| \| \| \| \|	Add new class of errors for connections Raise an exception if a connection cannot be made due to missing ccache
*	Initial support for Groups	rcritten@redhat.com	2007-08-24	1	-0/+5
\| \| \| \| \| \| \| \| \|	Create separate object for Users and Groups (using same base class) Check for uniqueness before adding new users and groups Remove user_container from everything but add operations Abstract out a number of functions that are common across users and groups Make sure all strings passed in to be in a filter are checked Add new error message: No modifications specified
*	Create ipaerror module.	Kevin McCarthy	2007-08-22	1	-0/+126
	Move LDAPError trapping/conversion into the ipaldap module. Fix xmlrpc layer to encode/decode ipaerrors properly. Also, implement mid-air collision exception for updates.