summaryrefslogtreecommitdiffstats
path: root/ipa-server
Commit message (Collapse)AuthorAgeFilesLines
* Convert krbmaxpwdlife and krbminpwdlife from seconds into days and hoursRob Crittenden2007-12-032-7/+18
|
* Increase default max password lifetime from 10 to 90 daysRob Crittenden2007-12-031-1/+1
|
* Update build requires for libcap.Karl MacMillan2007-12-031-0/+2
|
* Improved ACIsSimo Sorce2007-11-301-9/+12
|
* minor typosSimo Sorce2007-11-302-2/+8
|
* Compatibility changes to work on RHEL 5 with python 2.4rcritten@redhat.com2007-11-309-31/+31
|
* Min Pwd Change Time Check after Password reset and other minor fixesSimo Sorce2007-11-302-26/+34
|
* Revert logging setup change because it has unintendedKarl MacMillan2007-12-031-3/+3
| | | | consequences during ipa-server-install.
* Require that the default users group existsRob Crittenden2007-11-302-10/+21
| | | | Fix some copy-paste errors from the password policy update
* Don't allow the admins or editors groups to be removed.Rob Crittenden2007-11-301-0/+10
| | | | Don't allow the default group for users to be removed.
* Remove optional arguments from the XML-RPC interfaceRob Crittenden2007-11-291-15/+15
|
* Change the password expiration message to be more precise.Rob Crittenden2007-11-292-4/+4
|
* Add utility to lock user accounts. Remove lock capability from ipa-deluserRob Crittenden2007-11-261-0/+6
| | | | | Fix bootstrap.ldif to add new Class of Service entries properly Include some man pages that weren't being installed
* Add ipa-python to maintainer-clean and clean up .pyc filesRob Crittenden2007-11-2813-0/+13
|
* Remove unnecessary attribute left over from testingRob Crittenden2007-11-261-1/+0
|
* Fix mode on ipa-keytab-util.Karl MacMillan2007-11-212-2/+4
|
* Add ipa-keytab-util to spec.Karl MacMillan2007-11-212-0/+2
|
* Add xml-rpc interface for getting keytabs.Karl MacMillan2007-11-219-4/+409
| | | | Warning: this lacks any sort of authorization.
* Move packages to ipa from freeipa.Karl MacMillan2007-11-212-10/+16
|
* Bump the version numbers for release. Also removeKarl MacMillan2007-11-213-8/+8
| | | | | | specific version check on freeradius. Packages aren't available and the freeradius support isn't ready anyway.
* Generate master password from Simo.Karl MacMillan2007-11-213-27/+5
|
* Added replication.pyKarl MacMillan2007-11-211-0/+316
|
* Initial replication setup.Karl MacMillan2007-11-2113-252/+704
| | | | | | | | | | | | | | | | | | | This add replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters. - tool for view / configuring current replication.
* more s/unique// wrt groups members/objectclassesSimo Sorce2007-11-212-3/+3
|
* Use groupOfNames and member, not groupOfUniqueNames and uniqueMemberSimo Sorce2007-11-203-21/+21
|
* Fix subtle errors in kpasswdSimo Sorce2007-11-201-25/+73
|
* Use same tzinfo as the time parser to avoid TypeError from being thrownRob Crittenden2007-11-211-1/+1
|
* Enable group inactivation by using the Class of Service plugin.Rob Crittenden2007-11-2011-32/+214
| | | | | | | | | | | | | | | | | | | | This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
* Fix bad segfault when pwvals is nullSimo Sorce2007-11-191-34/+24
|
* Remove default SASL mappings if any to avoid conflicts with IPA SASL mappingsSimo Sorce2007-11-191-0/+19
|
* fix ldif typoSimo Sorce2007-11-191-1/+0
|
* Minor fixes.Karl MacMillan2007-11-193-3/+2
|
* Add pyasn1 requirement to rpms.Karl MacMillan2007-11-192-0/+2
|
* Fix installationSimo Sorce2007-11-184-0/+41
| | | | | Add missing schema for GUI Config, and missing objectclass for cn=accounts container
* Merge upstream and fix bad suffix in default-aciSimo Sorce2007-11-1818-168/+532
|\
| * - Report correct information back to users when policies prevent a successfulSimo Sorce2007-11-161-43/+202
| | | | | | | | | | | | | | password change. - Fix some minor error Initial code to read the Kerberos Master Key from the Directory
| * Small fix from Rob to pwd-extop-pluginKarl MacMillan2007-11-171-1/+1
| |
| * - Store Master Key in Ldap (Makes it easier to set up replicas)Simo Sorce2007-11-164-183/+502
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Does not require dirsrv access to stash file - Finalize password history support - Fix strict password length default in pwd_extop (fix install sctript too) - fix plugin configuration - Introduce 3 kind of password change: normal, admin, and ds manager - normal require adherence to policies - admin does not but password is immediately expired - ds manager can just change the password any way he likes. Initial code to read the Kerberos Master Key from the Directory
| * Implement the password policy UI and finish IPA policy UIRob Crittenden2007-11-1610-142/+506
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
| * Replace references to Person and People with User and UsersRob Crittenden2007-11-159-25/+25
| |
* | - Report correct information back to users when policies prevent a successfulSimo Sorce2007-11-161-43/+202
| | | | | | | | | | | | | | password change. - Fix some minor error Initial code to read the Kerberos Master Key from the Directory
* | - Store Master Key in Ldap (Makes it easier to set up replicas)Simo Sorce2007-11-164-183/+502
|/ | | | | | | | | | | | | | - Does not require dirsrv access to stash file - Finalize password history support - Fix strict password length default in pwd_extop (fix install sctript too) - fix plugin configuration - Introduce 3 kind of password change: normal, admin, and ds manager - normal require adherence to policies - admin does not but password is immediately expired - ds manager can just change the password any way he likes. Initial code to read the Kerberos Master Key from the Directory
* Add memberof-task.ldif.Karl MacMillan2007-11-151-0/+7
|
* Check for existance of of the target file in update_file. It used to silentlyRob Crittenden2007-11-151-1/+6
| | | | fail if the file it was to update didn't exist.
* Broke invididual Requires and BuildRequires onto separate lines andRob Crittenden2007-11-152-14/+68
| | | | | | reordered them Added python-tgexpandingformwidget as a dependency Require at least fedora-ds-base 1.1
* Initialize memberof patch from Pete Rowley.Karl MacMillan2007-11-152-1/+16
|
* Remove reference to a bogus system and make the error message more genericRob Crittenden2007-11-141-1/+1
|
* Forgot to include FQDN in the substitition listRob Crittenden2007-11-131-1/+1
|
* Make the group cn an editable field though protected by default.Rob Crittenden2007-11-143-26/+26
| | | | Fix some issues with the multi-value to single-value reversion.
* Include multi-value fields on the Add Person pageRob Crittenden2007-11-147-117/+241
| | | | Remove multi-valued cn from groups
generated by cgit (git 2.34.1) at 2024-10-05 20:44:59 +0000