summaryrefslogtreecommitdiffstats
path: root/ipa-server/ipa-install
Commit message (Collapse)AuthorAgeFilesLines
* Fix stupid typo in update filerelease-1-2-1Simo Sorce2008-12-031-1/+1
|
* Adding an index for memberuid. Alsthough we do not use this attribute, many ↵Simo Sorce2008-12-022-0/+12
| | | | clients still ask for it so let's index it and make stuff faster.
* Fix makefiles after schema compat changesSimo Sorce2008-12-022-1/+1
|
* Corrected usage messages and manpage to match the logic for the ↵Nathan Kinder2008-12-011-1/+1
| | | | ipa-replica-manage init command.
* Run updates on the replica too, otherwise changes to cn=config will be missing.Simo Sorce2008-12-011-0/+4
|
* Make sure the CA cert is copied to the replica, fail if no ca.crt is ↵Simo Sorce2008-12-011-1/+1
| | | | available. Cope with some versions of ipa that forgot to copy the ca.crt cert in the right place.
* Add tool to enable or disable the schema compatibility pluginSimo Sorce2008-12-011-0/+0
|
* do not use ipaerror directly in ipa-replica-manage - use ldap exception insteadRich Megginson2008-11-251-1/+1
|
* Present a less-cryptic error if the replication agreement doesn't existRob Crittenden2008-11-121-1/+4
|
* Create a user for Windows PassSync and grant password changing permissionsRob Crittenden2008-11-121-2/+6
| | | | | | | | | This does 3 things: 1. Create a user for the Windows PassSync service 2. Add this use to the list of users that can skip password policies 3. Add an aci that grants permission to write the password attributes 471130
* Fix deleting a winsync replication agreement.Rob Crittenden2008-11-121-5/+8
|
* Install replication update fileRob Crittenden2008-10-311-1/+2
|
* Ensure that every replica gets a unique replication ID. Otherwise changes ↵Rob Crittenden2008-10-292-1/+11
| | | | | | won't propogate between all replicas. 468732
* add update to fix the index for the winsync attributesRich Megginson2008-10-132-0/+11
|
* add --win-subtree argument to ipa-replica-manageRich Megginson2008-10-131-0/+4
|
* Just add eq,pres to the existing indicesRich Megginson2008-10-131-8/+4
| | | | | There are already indexes created for ntUniqueID and ntUserDomainID by default We just need to make sure they are indexed for equality and presence
* Add more winsync support to cliRich Megginson2008-10-131-2/+14
| | | | | | | | | The ipa-replica-manage list, init, and synch commands do not work for winsync agreements. This patch adds that support and some additional verbose logging. The synch_master did not work correctly. The way it should work is to set the replication schedule to some bogus value, then reset it back to its original setting. This will force replication to take place immediately.
* fix issues brought up by initial review of ipa winsync enhancementsRich Megginson2008-10-132-7/+26
|
* add --no-host-dns option to ipa-server-install - allows specifying a ↵Rich Megginson2008-10-132-12/+7
| | | | hostname that might actually exist but you do not want to even attempt to resolve it via DNS
* Added support to IPA server install to install the winsync plugin ↵Rich Megginson2008-10-131-4/+32
| | | | configuration entry Added support to ipa-replica-manage to add winsync agreements. I mostly used the existing code for setting up replication agreements since replication and winsync are quite similar in their configuration. I just had to add some extra attributes to the sync agreement configuration. The tricky part was importing the Windows CA cert.
* Add detection to the update tool to detect when it would apply changes.Rob Crittenden2008-09-191-1/+1
| | | | Remove SUP name from RFC2307bis.update to match FDS
* Add standard override options to ipa-replica-prepareMartin Nagy2008-09-171-5/+3
| | | | Fixes: 462489
* Run the LDAP updater at the end of the installation process.Rob Crittenden2008-09-171-0/+5
| | | | | | | | Running at the end ensures that /etc/ipa/ipa.conf is created and generally makes it more likely to succeed. Added a new argument to ipa-server-installl, -y <password_file>, so we don't have to pass it on the command-line.
* Update files for the schema compatibility plugin and RFC4876 profilesRob Crittenden2008-09-126-0/+312
| | | | | | | | | | | | | | | Also handle syntax errors a bit more gracefully and allow the updater to work on more than one file at a time. Adjust to new config.py and use a custom exception class for syntax errors. Also fix a error in parsing the separate files Include slapi-nis in Requires Includes work provided by Martin Nagy 460055
* The True/False logic was reversed, so "no" meant remove the existing instanceRob Crittenden2008-09-121-1/+1
|
* Rework config.py and change cli tools. Maintain order of IPA servers from ↵Martin Nagy2008-09-111-5/+5
| | | | command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234
* CVE 2008 3274 related fixesSimo Sorce2008-09-101-2/+2
|
* When installing with an IPA-created CA generate the Firefox ↵Rob Crittenden2008-08-141-2/+2
| | | | | | autoconfiguration files. 458871
* Install the ca.crt file early on so that we can always enforce SSLSimo Sorce2008-08-131-7/+18
| | | | | protected connections to other LDAP servers Fix error reporting on replica creation.
* Used the encrypt_file and decrypt_file utility functions to encrypt replicaSimo Sorce2008-08-112-22/+60
| | | | | | information. This way we do not risk to leave around sensitive data. Set the destination host in the replica file too and do checks against in ipa-replica-install
* Fix few syntax errors.Martin Nagy2008-08-061-2/+2
|
* Fix python syntax error: missing colon.Rob Crittenden2008-08-061-1/+1
|
* Don't assume that the Firefox autoconfig files exist.Rob Crittenden2008-07-282-11/+14
| | | | | | | These are created by an object-signing cert and needs to be done after the fact if a server is created with user-supplied PKCS#12 files. 452402
* Move the self-signed CA serialno file to /var/lib/ipa to adhere to the FHSRob Crittenden2008-07-251-1/+1
| | | | 455064
* Wrap up the raw_input() to user_input() for convenience and uniformity.Martin Nagy2008-07-233-62/+31
|
* Rework the way SSL certificates are imported from PKCS#12 files.Rob Crittenden2008-07-144-59/+164
| | | | | | | | Add the ability to provide PKCS#12 files during initial installation Add the ability to provide PKCS#12 files when preparing a replica Correct some issues with ipa-server-certinstall 452402
* Admin must be able to add/delete tooSimo Sorce2008-07-091-1/+1
|
* Merge branch 'master' of ssh://rcritten@git.fedorahosted.org/git/freeipaRob Crittenden2008-07-031-1/+1
|\
| * Make sure we listen only on the krb5 port and therefore disable krb4 supportSimo Sorce2008-07-021-1/+1
| |
* | NSS_DIR is already fetched into a variable, use that instead.Rob Crittenden2008-07-031-6/+6
|/ | | | 451098
* Properly convert the realm to a DS instance nameRob Crittenden2008-07-011-1/+1
| | | | 451014
* Ensure correct permissions and file ownership of Apache NSS databaseRob Crittenden2008-07-011-0/+12
| | | | 451098
* Must index uidnumber and gidnumber and any attribute that dna plugin is goingSimo Sorce2008-06-121-0/+19
| | | | to generate or that we need to search on.
* Change default.Simo Sorce2008-06-121-2/+4
| | | | | | | By default increment by one but set the maximum value to one million. when installing a replica change values to start from 1 million +1 and cap it to 2 million and so on for any other replica.
* Index the memberof attributeRob Crittenden2008-06-111-0/+8
| | | | 450951
* Ensure that the realm name is upper-case.Rob Crittenden2008-06-091-3/+4
| | | | 449182
* Make it clear which packages are being configured and which aren't.Rob Crittenden2008-06-091-3/+15
| | | | 450175
* Fix typoRob Crittenden2008-06-051-1/+1
| | | | 450077
* Fix import for versionRob Crittenden2008-06-042-2/+2
|
* Add -p/--password option so the DM password can be passed on the command-line.Rob Crittenden2008-06-041-5/+10
| | | | | | The import for version moved from ipaserver to ipa, fix that as well. 449858
generated by cgit (git 2.34.1) at 2024-05-09 16:23:56 +0000