summaryrefslogtreecommitdiffstats
path: root/ipa-admintools
Commit message (Collapse)AuthorAgeFilesLines
* Big changeset that includes the work around keytab management.Simo Sorce2007-12-212-17/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Following the changelog history from my dev tree, some comments are useful imo ------------------------------------------------------ user: Simo Sorce <ssorce@redhat.com> date: Fri Dec 21 03:05:36 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c description: Remove remnants of the initial test tool changeset: 563:4fe574b7bdf1 user: Simo Sorce <ssorce@redhat.com> date: Fri Dec 21 02:58:37 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c description: Maybe actually encrypting the keys will help :-) changeset: 562:488ded41242a user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 23:53:50 2007 -0500 files: ipa-server/ipa-install/share/Makefile.am ipa-server/ipa-install/share/default-aci.ldif description: Fixes changeset: 561:4518f6f5ecaf user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 23:53:32 2007 -0500 files: ipa-admintools/Makefile ipa-admintools/ipa-addservice description: transform the old ipa-getkeytab in a tool to add services as the new ipa-getkeytab won't do it (and IMO it makes more sense to keep the two functions separate anyway). changeset: 559:25a7f8ee973d user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 23:48:59 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c description: Bugfixes changeset: 558:28fcabe4aeba user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 23:48:29 2007 -0500 files: ipa-client/configure.ac ipa-client/ipa-client.spec ipa-client/ipa-client.spec.in ipa-client/ipa-getkeytab.c description: Configure fixes Add ipa-getkeytab to spec Client fixes changeset: 557:e92a4ffdcda4 user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 20:57:10 2007 -0500 files: ipa-client/Makefile.am ipa-client/configure.ac description: Try to make ipa-getkeytab build via autotools changeset: 556:224894175d6b user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 20:35:56 2007 -0500 files: ipa-admintools/ipa-getkeytab ipa-client/ipa-getkeytab.c description: Messed a bit with hg commands. To make it short: - Remove the python ipa-getkeytab program - Rename the keytab plugin test program to ipa-getkeytab - Put the program in ipa-client as it should be distributed with the client tools changeset: 555:5e1a068f2e90 user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 20:20:40 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c description: Polish the client program changeset: 554:0a5b19a167cf user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 18:53:49 2007 -0500 files: ipa-server/ipa-install/share/default-aci.ldif ipa-server/ipa-install/share/default-keytypes.ldif ipa-server/ipa-install/share/kdc.conf.template ipa-server/ipa-install/share/kerberos.ldif ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c ipa-server/ipaserver/krbinstance.py description: Support retrieving enctypes from LDAP Filter enctypes Update test program changeset: 553:f75d7886cb91 user: Simo Sorce <ssorce@redhat.com> date: Thu Dec 20 00:17:40 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c description: Fix ber generation and remove redundant keys changeset: 552:0769cafe6dcd user: Simo Sorce <ssorce@redhat.com> date: Wed Dec 19 19:31:37 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c description: Avoid stupid segfault changeset: 551:1acd5fdb5788 user: Simo Sorce <ssorce@redhat.com> date: Wed Dec 19 18:39:12 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c description: If ber_peek_tag() returns LBER_ERROR it may just be that we are at the end of the buffer. Unfortunately ber_scanf is broken in the sense that it doesn't actually really consider sequence endings (due probably to the fact they are just representation and do not reflect in the underlieing DER encoding.) changeset: 550:e974fb2726a4 user: Simo Sorce <ssorce@redhat.com> date: Wed Dec 19 18:35:07 2007 -0500 files: ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c ipa-server/ipa-slapi-plugins/ipa-pwd-extop/test-get-keytab.c description: First shot at the new method
* Create ipa-radius-admintoolsKarl MacMillan2007-12-189-1306/+0
|
* Add a man page for ipa-getkeytab.Karl MacMillan2007-12-122-1/+66
|
* Add simple UI for command-line programs to be able to select whenRob Crittenden2007-12-104-28/+101
| | | | multiple entries are returned.
* Merge.Karl MacMillan2007-12-116-43/+45
|\
| * Rework input validation to more closely match what we require in the UIRob Crittenden2007-12-073-40/+40
| |
| * Fix delegation in the UI and add a missing aci that allows writes.Rob Crittenden2007-12-071-1/+3
| | | | | | | | Make ipa-deldelegation more user-friendly.
| * Fix spellingRob Crittenden2007-12-102-2/+2
| |
* | Merge.Karl MacMillan2007-12-112-0/+6
|\|
| * Notify the user when the search results have been truncatedRob Crittenden2007-12-052-0/+6
| |
* | mergeJohn Dennis2007-12-049-28/+156
|\|
| * Compatibility changes to work on RHEL 5 with python 2.4rcritten@redhat.com2007-11-302-2/+2
| |
| * delete_group() takes a DN, not a CN. Also do slightly better error reporting.Rob Crittenden2007-11-301-1/+13
| |
| * Add utility to lock user accounts. Remove lock capability from ipa-deluserRob Crittenden2007-11-266-25/+141
| | | | | | | | | | Fix bootstrap.ldif to add new Class of Service entries properly Include some man pages that weren't being installed
* | add user profile command line arg to all radiusJohn Dennis2007-11-283-2/+21
| | | | | | | | | | | | | | | | profile command line tools to select between shared and per user profiles modify AttributeValueCompleter so default values prefer previously entered values in editing session
* | merged radius work with latest mainline tipJohn Dennis2007-11-2820-71/+392
|\|
| * Add xml-rpc interface for getting keytabs.Karl MacMillan2007-11-212-0/+84
| | | | | | | | Warning: this lacks any sort of authorization.
| * Move packages to ipa from freeipa.Karl MacMillan2007-11-212-8/+14
| |
| * Bump the version numbers for release. Also removeKarl MacMillan2007-11-211-1/+1
| | | | | | | | | | | | specific version check on freeradius. Packages aren't available and the freeradius support isn't ready anyway.
| * Enable group inactivation by using the Class of Service plugin.Rob Crittenden2007-11-202-7/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
| * Implement the password policy UI and finish IPA policy UIRob Crittenden2007-11-161-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
| * Completely remove attributes when delattr argument in ipa-groupmodRob Crittenden2007-11-151-7/+15
| |
| * Completely remove attributes when delattr argumentRob Crittenden2007-11-151-3/+10
| |
| * Use same labels as UI for ipa-finduser and ipa-findgroupRob Crittenden2007-11-152-5/+29
| | | | | | | | Add -a option to ipa-findgroup to print all attributes
| * If unable to connect to the XML-RPC server print a more useful error msg.Rob Crittenden2007-11-1513-20/+96
| |
| * Allow a user or group to change an attribute in its RDNRob Crittenden2007-11-124-15/+86
| | | | | | | | | | Add secretary to the list of indexes otherwise RDN changing could be slow Port --addattr, --setattr and --delattr from usermod to groupmod
| * Add the capability to completely delete a user from the database. TheRob Crittenden2007-11-092-6/+19
| | | | | | | | default remains to inactivate them.
| * Require uniqueness in the name/comment field of delegationsRob Crittenden2007-11-092-1/+22
| | | | | | | | | | | | Fix error reporting in the UI to include the detailed message Sort delegations by name when displaying them Update the name field from "Name" to "Delegation Name"
* | bug fixesJohn Dennis2007-11-274-14/+11
| |
* | checkpoint bug fixing and cleanup of command line radius toolsJohn Dennis2007-11-274-124/+185
| |
* | do a better job of handling attribute deletionJohn Dennis2007-11-272-59/+42
| |
* | checkpoint work to add attribute deletionJohn Dennis2007-11-271-84/+164
| |
* | add parse_items(), read_items_file()John Dennis2007-11-264-4/+4
| | | | | | | | move read_pairs_file() to ipautil
* | add command line utilites for radius profilesJohn Dennis2007-11-265-0/+577
| |
* | remove radius_client.py, move contents to radius_util.pyJohn Dennis2007-11-264-10/+6
| |
* | checkpoint radius client add,modify,find,del working, command line args ↵John Dennis2007-11-263-1/+3
| | | | | | | | handled correctly
* | clean up attribute namesjdennis@VAIO2007-11-244-48/+50
| | | | | | | | clean up command line args in ipa-delradiusclient
* | clean up radius client command line toolsJohn Dennis2007-11-233-76/+137
| |
* | Add radius profile implementations:John Dennis2007-11-213-123/+179
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | get_radius_profile_by_uid add_radius_profile update_radius_profile delete_radius_profile find_radius_profiles Rewrite command line arg handling, now support pair entry, interactive mode with auto completion, reading pairs from a file, better handling of mandatory values, better help, long arg names now match attribute name in pairs Establish mappings for all attributes and names used in clients and profiles Add notion of containers to radius clients and profiles in LDAP Move common code, variables, constants, and strings into the files radius_client.py, radius_util.py, ipautil.py to eliminate redundant elements which could get out of sync if modified and to provide access to other code which might benefit from using these items in the future. Add utility functions: format_list() parse_key_value_pairs() Add utility class: AttributeValueCompleter Unify attribute usage in radius ldap schema
* | map attrs to friendly nameJohn Dennis2007-11-141-3/+10
| |
* | add ipa-findradiusclient searchJohn Dennis2007-11-142-0/+100
| |
* | radius client modify and delete workJohn Dennis2007-11-144-7/+220
| |
* | move radius client utility code to common radius_client.py so it can be sharedJohn Dennis2007-11-131-98/+1
| |
* | ipa-addradiusclient now workingJohn Dennis2007-11-131-8/+8
| |
* | checkpoint radius client workJohn Dennis2007-11-132-0/+249
|/
* Prevent gzip from requesting confirmation.Karl MacMillan2007-11-051-2/+2
| | | | | | | The current manpage installation gzips the files in place and requests confirmation before overwriting existing files. Add -f to prevent prompting. We should consider not gzipping the files in place.
* Use proper method of retrieving attributesRob Crittenden2007-11-011-1/+1
|
* Bump versions for release.Karl MacMillan2007-11-012-3/+9
|
* Remove multi-value set/add in ipa-usermod.Karl MacMillan2007-10-311-8/+7
| | | | | Calling --add multiple times will accomplish the same thing without the need for handling splits on ",".
* Rename memberOf to group_members in xml-rpc interface.Karl MacMillan2007-10-311-1/+1
|
generated by cgit (git 2.34.1) at 2024-05-22 02:36:48 +0000