freeipa.git/ipaserver/install, branch navigation

NS records not updated by replica

2011-05-03T13:12:07+00:00

When replica with DNS is installed, NS records for the managed zone
are not updated with the replica FQDN. The administrator then has
to do it manually to enroll the new DNS server to the zone.

This patch also removes the newly created NS records when the
replica is removed via ipa-replica-manage command.

https://fedorahosted.org/freeipa/ticket/1034

LDAP Updater may crash IPA installer

2011-05-02T14:45:41+00:00

Fix a logging error in ipa-ldap-updater which may cause IPA
installer to crash.

https://fedorahosted.org/freeipa/ticket/1199

Handle principal not found errors when converting replication a greements

2011-04-28T13:10:25+00:00

There are times where one side or the other is missing its peers
krbprincipalname when converting from simple to GSSAPI replication. Ticket
1188 should address the cause of this.

This patch provides better information and handling should either side
be missing.

ticket 1044

Improve Directory Service open port checker

2011-04-28T07:59:34+00:00

Wait for DS ports to open after _every_ DS service restart.
Several restarts were missed by the current open port checker
implementation.

https://fedorahosted.org/freeipa/ticket/1182

Wait for memberof task and DS to start before proceeding in installation.

2011-04-22T09:43:50+00:00

This was causing a replica DS instance to crash if the task was not
completed when we attempted a shutdown to do a restart.

In replication.py we were restarting the DS instance without waiting
for the ports to become available.

It is unlikely that the dn of the memberof task will change but just in
case I noted it in the two places it is referenced.

ticket 1188

Fix uninitialized attributes.

2011-04-21T08:41:29+00:00

The default groups we create should have ipaUniqueId set

2011-04-15T11:02:17+00:00

This adds a new directive to ipa-ldap-updater: addifnew. This will add
a new attribute only if it doesn't exist in the current entry. We can't
compare values because the value we are adding is automatically generated.

ticket 1177

Fix lint false positives.

2011-04-13T13:58:45+00:00

Fix traceback in ipa-nis-manage.

2011-04-11T19:33:03+00:00

The root user cannot use ldapi because of the autobind configuration.
Fall back to a standard GSSAPI sasl bind if the external bind fails.
With --ldapi a regular user may be trying this as well, catch that
and report a reasonable error message.

This also gives priority to the DM password if it is passed in.

Also require the user be root to run the ipa-nis-manage command.
We enable/disable and start/stop services which need to be done as root.

Add a new option to ipa-ldap-updater to prompt for the DM password.
Remove restriction to be run as root except when doing an upgrade.

Ticket 1157

Fix ORDERING in some attributetypes and remove other unnecessary elements.

2011-04-06T01:46:32+00:00

Looking at the schema in 60basev2.ldif there were many attributes that did
not have an ORDERING matching rule specified correctly. There were also a
number of attributeTypes that should have been just SUP
distinguishedName that had a combination of SUP, SYNTAX, ORDERING, etc.

This requires 389-ds-base-1.2.8.0-1+

ticket 1153