| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
hostname that might actually exist but you do not want to even attempt to resolve it via DNS
|
|
|
|
| |
configuration entry Added support to ipa-replica-manage to add winsync agreements. I mostly used the existing code for setting up replication agreements since replication and winsync are quite similar in their configuration. I just had to add some extra attributes to the sync agreement configuration. The tricky part was importing the Windows CA cert.
|
| |
|
|
|
|
| |
are debugging within the directory server
|
| |
|
|
|
|
| |
callbacks, and gets default values from various configuration entries in the IPA tree
|
|
|
|
| |
homeDirectory prefix and use that to construct the homeDirectory attribute -lookup attribute containing the default gidNumber and use that to add the gidNumber to new users -construct the gecos field from the cn attribute
|
|
|
|
| |
makefiles, spec file * added stubs for the api, including begin update, end update, and destroy callbacks * added config code to allow dynamic dse config changes and auto-discovery of realm and new user objectclass list
|
| |
|
|
|
|
| |
ipa-fix-CVE-2008-3274
|
| |
|
| |
|
|
|
|
| |
Remove SUP name from RFC2307bis.update to match FDS
|
| |
|
|
|
|
| |
currently kerberized (and may never be due to their nature).
|
|
|
|
| |
Fixes: 441566
|
|
|
|
| |
Fixes: 462489
|
|
|
|
|
| |
This significantly simplifies the tool and makes it possible to apply
updates from the installer without forking off another process.
|
|
|
|
|
|
|
|
| |
Running at the end ensures that /etc/ipa/ipa.conf is created and generally
makes it more likely to succeed.
Added a new argument to ipa-server-installl, -y <password_file>, so we
don't have to pass it on the command-line.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The updates directory is currently hardcoded to /usr/share/ipa/updates.
All of the files are read into memory and then sorted by the length of the DN.
This is so we can be sure that parent entries are added before children.
Also add a man page.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also handle syntax errors a bit more gracefully and allow the updater to
work on more than one file at a time.
Adjust to new config.py and use a custom exception class for syntax errors.
Also fix a error in parsing the separate files
Include slapi-nis in Requires
Includes work provided by Martin Nagy
460055
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This tool takes as input a file which contains basically an LDIF, prefixed
with a command: default, add, remove or only. These define the operations
to perform such as adding new entries, adding new sub-entries to an existing
entry, adding or modifying attributes in a record.
If an index entry is modified a task is created to re-create the index.
Schema may be added using this tool.
454031
|
| |
|
|
|
|
| |
command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234
|
|
|
|
|
| |
Import all of change master key directly into the help fix,
allows for better control
|
| |
|
|
|
|
|
| |
but will allow for changing configurations without having to restart DS.
Password operations are slow and rare enough this is an acceptable compromise.
|
|
|
|
|
|
| |
- wrong import in certs.py makes ipa-replica-manage fail
- close the fs after the stash file is written so that the file is updated
immediately and not when the fd is garbage collected
|
|
|
|
| |
459209
|
| |
|
|
|
|
|
|
| |
directory and ensure that it gets cleaned up when we're done with it.
458159
|
|
|
|
| |
does not work as expected and generates faulty keys
|
| |
|
|
|
|
|
|
| |
autoconfiguration files.
458871
|
|
|
|
|
|
| |
other apps.
459061
|
|
|
|
| |
450613, 457124
|
|
|
|
| |
thanks to W. Michael Petullo <mike@flyn.org> for finding the problem.
|
| |
|
|
|
|
|
| |
protected connections to other LDAP servers
Fix error reporting on replica creation.
|
|
|
|
|
|
|
|
|
|
|
| |
ldap add and modify operation performed on the userPassword attribute.
Add helper functions to reduce code duplication.
Do not enforce encrypted connections on ldap add/ldap mod for compatibility
reasons. (We cannot enforce people not to send the password in the clear
anyway, we can only refuse to accept it at the most which does not gain
you much if someone then re-send you the same password previously exposed)
|
|
|
|
|
|
|
|
|
|
| |
Fix make maintainer-clean
Also make RPM naming consistent by using a temp RELEASE file.
This one helps when testing builds using rpms.
Just 'echo X > RELEASE' to build a new rpms (X, X+1, X+2 ...)
Version 1.1.0 was released some times ago, bump up to 1.1.1
|
|
|
|
|
|
| |
information. This way we do not risk to leave around sensitive data.
Set the destination host in the replica file too and do checks against
in ipa-replica-install
|
|
|
|
|
| |
Use SystemRandom() instead of Random() so that the randomicity
is non-deterministic.
|
|
|
|
| |
the account Never Expires
|
|
|
|
|
|
|
|
| |
This sets the regex to [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
Also change the validators to return True/False
450613, 457124
|
| |
|