summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins
Commit message (Collapse)AuthorAgeFilesLines
* Deleting a non-fully-qualified hostname should still delete its servicesRob Crittenden2010-03-301-3/+9
| | | | | We were being left with orphan services if the host entry was not removed using the FQDN.
* Fix cut-and-paste error in pwpolicy pluginRob Crittenden2010-03-231-2/+2
|
* Do a better query so we can optimize seeing if a cospriority is uniqueRob Crittenden2010-03-231-7/+11
|
* Use ldap2.make_*dn* methods in pwpolicy plugin.Pavel Zuna2010-03-221-1/+5
| | | | Fixes #572423.
* Raise an error if no modifications were performed in an update.Rob Crittenden2010-03-191-2/+0
| | | | | | | This will alert the user that nothing was done and is handy when used with --attr=''. This can be used to delete a non-required attribute but can be set to any valid attribute, present or not. We should alert the user if they attempt to delete a non-existant value.
* Ensure that the group policy priority is unique.Rob Crittenden2010-03-191-10/+54
| | | | | | We use CoS to determine the order in which group policy is applied. The behavior in CoS is undefined for multiple entries with the same cospriority.
* Fix a number of bugs in the pwpolicy pluginRob Crittenden2010-03-191-8/+22
| | | | | | | | | | This fixes: - Consistent usage of priority vs cospriority in options - Fixes bug introduced with recent patch where global policy couldn't be updated - Doesn't allow cospriority to be removed for groups (#570536) - returns the priority with group policy so it can be displayed - Properly unicode encode group names for display
* Catch modifications with no updates and raise an errorRob Crittenden2010-03-172-2/+11
| | | | 569848
* Retrieve the LDAP schema using kerberos credentials.Rob Crittenden2010-03-171-1/+2
| | | | This is required so we can disable anonymous access in 389-ds.
* Fix typo in automount doc message.Rob Crittenden2010-03-161-1/+1
| | | | | | Update the po to pick up this change too. 573979
* Provide more detailed NotFound error messages from baseldap classes.Pavel Zuna2010-03-091-7/+55
|
* localize doc stringsJohn Dennis2010-03-0810-36/+40
| | | | | | | | | | | | A number of doc strings were not localized, wrap them in _(). Some messages were not localized, wrap them in _() Fix a couple of failing tests: The method name in RPC should not be unicode. The doc attribute must use the .msg attribute for comparison. Also clean up imports of _() The import should come from ipalib or ipalib.text, not ugettext from request.
* Don't calculate min/max lifetime if None is passed in.Rob Crittenden2010-03-071-2/+2
| | | | | | | | None is passed if the option is set with --minlife=''. This is a valid use case to delete a non-required attribute. In this case we simply don't do the math on None and things work as expected. 569847
* Code cleanup: remove unused stuff, take 1.Pavel Zuna2010-03-0113-245/+12
|
* Don't try to revoke a cert that is already revoked.Rob Crittenden2010-02-262-5/+22
| | | | | We get a bit of an unusual error message back from dogtag when trying to revoke a revoked cert so check its status first.
* Make the --all option work in Add/Remove Member commands.Pavel Zuna2010-02-241-2/+18
|
* Translatable Param.label, Param.docJason Gerard DeRose2010-02-2419-250/+268
|
* Complete netgroup attributes.Pavel Zuna2010-02-231-1/+22
|
* Replace incorrect use of str.index with str.find in host plugin.Pavel Zuna2010-02-231-1/+1
|
* Make error message in migration plugin unicode.Pavel Zuna2010-02-171-2/+2
|
* Expand the types of groups that can be migrated to support IPA v1 migrationsRob Crittenden2010-02-171-1/+1
|
* Convert password policy integer values to unicode instead of str.Pavel Zuna2010-02-171-2/+2
|
* Auto-generate --all and --raw for commands, that return entries.Pavel Zuna2010-02-172-97/+4
|
* Fix the pwpolicy plugin to work better with new output system.Rob Crittenden2010-02-171-9/+24
|
* Use the Output tuple to determine the order of outputRob Crittenden2010-02-1510-46/+195
| | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
* Fix the automountlocation-tofiles command and add some labelsRob Crittenden2010-02-151-8/+18
|
* Add Object.label class attribute, enable in webUIJason Gerard DeRose2010-02-1212-3/+31
|
* Add default automount location. Auto-create auto.direct in new locations.Pavel Zuna2010-02-121-0/+3
|
* Implement pwplicy_find to show all group password policiesRob Crittenden2010-02-031-0/+32
| | | | | find is a bit of a misnomer here because we consider no search terms, it is all or nothing.
* Add flag to allow a cert to be re-issuedRob Crittenden2010-02-031-3/+7
| | | | | I don't want a user to accidentally re-issue a certificate so I've added a new flag, --revoke, to revoke the old cert and load the new one.
* Be more careful when base64-decoding certificatesRob Crittenden2010-02-021-6/+3
| | | | | Only decode certs that have a BEGIN/END block, otherwise assume it is in DER format.
* Remove group-specific password policy on group deletionRob Crittenden2010-01-291-0/+8
|
* Enabled CRUDS in webUI using wehjit 0.2.0Jason Gerard DeRose2010-01-262-1/+9
|
* Fix merge error, variable mis-named label instead of docRob Crittenden2010-01-211-1/+1
|
* User-defined certificate subjectsRob Crittenden2010-01-201-1/+17
| | | | | | | | | | | | | | | Let the user, upon installation, set the certificate subject base for the dogtag CA. Certificate requests will automatically be given this subject base, regardless of what is in the CSR. The selfsign plugin does not currently support this dynamic name re-assignment and will reject any incoming requests that don't conform to the subject base. The certificate subject base is stored in cn=ipaconfig but it does NOT dynamically update the configuration, for dogtag at least. The file /var/lib/pki-ca/profiles/ca/caIPAserviceCert.cfg would need to be updated and pki-cad restarted.
* Fix plugin to work with new output validation, add new helpersRob Crittenden2010-01-201-34/+57
| | | | | | | | Add a new get_subject() helper and return the subject when retrieving certificates. Add a normalizer so that everything before and after the BEGIN/END block is removed.
* Add DS migration plugin and password migration page.Pavel Zuna2010-01-201-0/+374
|
* Add --enable-migration option in config plugin.Pavel Zuna2010-01-201-1/+14
|
* Temporary fix for name collision of textui.print_entry.Pavel Zuna2010-01-201-2/+2
| | | | Somehow there's two of them... rename old one to print_entry1.
* Make DNS plugin support output validation and thus make it work again.Pavel Zuna2010-01-201-39/+86
|
* pass DER flag to x509.get_serial_number()John Dennis2010-01-191-1/+1
|
* Allow cospriority to be updated and fix description of priority orderingRob Crittenden2010-01-191-7/+27
| | | | | | Need to add a few more places where the DN will not be automatically normalized. The krb5 server expects a very specific format and normalizing causes it to not work.
* Use 'l' instead of 'localityname' in host plugin.Pavel Zuna2010-01-141-2/+14
| | | | | It seems that 'localityname' and 'locality' aliases were dropped in newer versions of DS.
* Make host objects aware of their membership and that l==localityName.Pavel Zuna2010-01-141-0/+6
|
* Add Kerberos Ticket Policy management plugin.Pavel Zuna2010-01-132-27/+167
|
* Add --all to LDAPCreate and make LDAP commands always display default ↵Pavel Zuna2010-01-117-14/+30
| | | | attributes.
* Use the caIPAserviceCert profile for issuing service certs.Rob Crittenden2010-01-081-2/+2
| | | | | | | | | | | This profile enables subject validation and ensures that the subject that the CA issues is uniform. The client can only request a specific CN, the rest of the subject is fixed. This is the first step of allowing the subject to be set at installation time. Also fix 2 more issues related to the return results migration.
* Add messages, declarative tests for rolegroup, taskgroup pluginsJason Gerard DeRose2009-12-182-7/+29
|
* Handle base64-encoded certificates better, import missing functionRob Crittenden2009-12-183-0/+11
|
* Make hosts more like real services so we can issue certs for host principalsRob Crittenden2009-12-162-12/+56
| | | | | This patch should make joining a client to the domain and using certmonger to get an initial certificate work.
generated by cgit (git 2.34.1) at 2024-10-01 03:32:18 +0000