summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix typo in ipa-client-install manpage.Rob Crittenden2008-05-141-1/+1
| | | | 446201
* Make sure all services are stopped during uninstall.Rob Crittenden2008-05-142-1/+8
| | | | | | | | | We were just shutting down the KDC if it had been started prior to IPA installation. We need to stop it in all cases. And we should restart nscd as it may have made an LDAP connection. 440322
* Enforce the maximum username length set by IPA PolicyRob Crittenden2008-05-142-0/+30
| | | | 439891
* Do a more thorough job of removing an existing DS instance.Rob Crittenden2008-05-131-0/+4
| | | | | | Add /usr/lib/dirsrv/slapd-INSTANCE to the list of directories removed. 442753
* Catch name resolution errors coming from the socket module.Rob Crittenden2008-05-1318-0/+72
| | | | 442650
* The admin user doesn't have the inetorgperson objectclass so don't have a ↵Rob Crittenden2008-05-131-0/+10
| | | | | | | | | givenname attribute. The UI is currently hardcoded to require "first name" which renders the admin user uneditable via the UI. This is a hack that will allow admin to be edited, assuming that one doesn't try to add a firstname field. 440548
* fix stupid typo,Simo Sorce2008-05-101-1/+1
| | | | thanks Nalin for spotting this.
* Fix existence check, default_server is an array so we need toSimo Sorce2008-05-101-2/+2
| | | | check its length to determine if it is empty
* Display information on how to uninstall a partially installed server.Rob Crittenden2008-05-091-4/+10
| | | | | | | This may have failed either because the user pressed ^C or something failed during installation. 442454
* Include information on where to look if a hostname resolves to localhost.Rob Crittenden2008-05-091-1/+1
| | | | 442812
* Convert mercurial command to git equivalent for creating an archive.Rob Crittenden2008-05-091-1/+2
| | | | | | | | | By default it will use the master branch of the repo this is run from. To specify a different branch use the argument TARGET=<branch> e.g. make dist TARGET=ipa-1-0 442419
* On IPA Servers connect to ourselves using localhost,Simo Sorce2008-05-081-2/+5
| | | | | and avoid searching for KDC servers via DNS, we just connect to ourselves.
* Return better ewrror message that gives a hint about who actually returned itSimo Sorce2008-05-081-9/+6
| | | | + Some cleanups (trainling spaces and such).
* Detect existing DS instances and prompt for removal during replica install.Rob Crittenden2008-05-081-0/+32
| | | | 442454
* Add missing colon to function definition that broke the buildRob Crittenden2008-05-081-1/+1
|
* Add a version API to the server so it knows what version it is.Rob Crittenden2008-05-089-15/+50
| | | | 435019
* Don't allow the IPA server service principals to be removed.Rob Crittenden2008-05-082-0/+8
| | | | 440282
* Don't prompt for confirmation of DM password when installing a replica.Rob Crittenden2008-05-082-4/+12
| | | | | | | | | It implies that you are setting a new password and you really aren't. Also added a catch for KeyboardInterrupt with instructions on how to recover from a partial install. 441607
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-0710-62/+78
|
* Indent the plugin accordingly to our style guidelines.Simo Sorce2008-05-071-802/+758
| | | | Used indent -kr -nut dna.c for most of the changes
* Fix a bug in our dns library, do not return the query as a reply if 0 ↵Simo Sorce2008-05-071-7/+5
| | | | replies were returned.
* Refine our web space some more so that everything we reference is in /ipaRob Crittenden2008-05-0712-47/+171
| | | | | | | | | | | | | | | UI: /ipa/ui XML-RPC: /ipa/xml errors: /ipa/errors config: /ipa/config I had to hardcode that URI into the CSS pages but TurboGears handles the rest of the translations with tg.url(). Added a version to ipa.conf and ipa-rewrite.conf so we can update them in the future if needed with ipa-upgradeconfig 440443
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-059-711/+55
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* Remove duplicated "the" and add some formatting to the EXAMPLE for clarity.Rob Crittenden2008-05-051-3/+4
| | | | 443012
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-018-102/+109
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Fix ownership of the Apache NSS cert and key databases.Rob Crittenden2008-04-301-0/+10
| | | | | The group "apache" needs to have read access to them so they will work in Fedora 9+.
* Fix the client-side search size limit.Rob Crittenden2008-04-254-45/+45
| | | | | | | | | | | | | | I've changed the variable name searchlimit to sizelimit to match the name in python-ldap (and hopefully therefore be more readable). The big change was changing the default value from 0 to -1. As 0 we were never using the value from cn=ipaconfig python-ldap expects this to be an int type In the UI sizelimit was hardcoded at 0 for users 439880
* Make sure recent ldapmodify tool (as in F9) do not complain by splitting theSimo Sorce2008-04-251-0/+5
| | | | operation into 2 modify operations
* Add --verbose option so the HTTP headers and XML request/response can be seen.Rob Crittenden2008-04-2520-270/+457
| | | | | | | Also re-do the way modules are imported. I was attemping to have ^C handled gracefully but the way I did it could mask other problems. 443987
* Add nfs as a service principal type.Rob Crittenden2008-04-232-0/+2
| | | | 440242
* Don't let a user change their own uid. Fix some related errors if they try.Rob Crittenden2008-04-232-3/+8
| | | | 440895
* Don't allow a replica to prepare a replica for itself.Rob Crittenden2008-04-231-0/+3
| | | | 442756
* Fixed various memory leaks in memberOf plug-in.Nathan Kinder2008-04-221-2/+9
| | | | 440474
* Make sure we always have the [domain-realm] section or kerberos libs misbheave.Simo Sorce2008-04-221-5/+5
|
* Become version 1.0.0release-1-0-0Rob Crittenden2008-04-1616-26/+71
|
* Catch all errors when obtaining an LDAP connection.Rob Crittenden2008-04-151-0/+2
| | | | 442582
* Move print statement to the correct scope so it displays both lock and unlock.Rob Crittenden2008-04-151-1/+1
| | | | 442625
* Better detection of DS not starting.Rob Crittenden2008-04-141-3/+23
| | | | | | | The dirsrv init script always returns 0 on status checks, even if an instance is not started. So we have to look through the output instead. 442452
* Don't quit trying to lock a user if they aren't in the activated group.Rob Crittenden2008-04-141-1/+5
| | | | | | | | Users are considered activated by default so don't need to be in the activated group explicitly. Ignore the "not in group" error when trying to remove them. 442470
* Handle exceptions more gracefully on systems with python-ldap 2.2.0Rob Crittenden2008-04-141-5/+8
| | | | 442136
* Configure the ipa_pwd_extop plugin on replicas.Rob Crittenden2008-04-141-1/+4
| | | | | | | | If plugin isn't configured then the kerberos attributes don't get populated. User's will get Preauthentication errors from the kerberos libraries because there is no krbPrincipalKey to match against. 442134
* Use the same kpasswd.keytab on all replicas.Rob Crittenden2008-04-093-3/+12
| | | | | | | If we generate a new keytab for each replica then effectively password changes can only occur on the last replica created. 439905
* Fix client discovery and make sure command line options are not overwrittenSimo Sorce2008-04-091-36/+53
| | | | with discovered options, just verified.
* Make sure we use the configured server in ipa.conf first, andSimo Sorce2008-04-091-28/+23
| | | | fallback to the discovered ones only if that's not available
* Add --permitted-enctypes command and add it to the man page tooSimo Sorce2008-04-082-8/+52
|
* Make sure we start the NSCD daemon.Simo Sorce2008-04-081-0/+15
| | | | It makes a huge difference on clients, if we cache lookups
* is_integer returns the integer, don't use an if clause, just check it, if itSimo Sorce2008-04-081-12/+12
| | | | | is wrong it will just throw an exception and exit. Fix error reporting to use the canonical str(e)
* Fix error where password was getting set wrong if passed in on command-line.Rob Crittenden2008-04-081-1/+1
| | | | 439905
* The kpasswd keytab must not be owned by the dirsrv user.Simo Sorce2008-04-081-2/+0
| | | | Fix copy&paste error.
* SELinux fix from Dan WalshRob Crittenden2008-04-071-1/+1
| | | | 440646
generated by cgit (git 2.34.1) at 2024-06-09 11:48:25 +0000