summaryrefslogtreecommitdiffstats
path: root/ipa-server
Commit message (Collapse)AuthorAgeFilesLines
* Make sure all services are stopped during uninstall.Rob Crittenden2008-05-141-1/+3
| | | | | | | | | We were just shutting down the KDC if it had been started prior to IPA installation. We need to stop it in all cases. And we should restart nscd as it may have made an LDAP connection. 440322
* Enforce the maximum username length set by IPA PolicyRob Crittenden2008-05-141-0/+25
| | | | 439891
* Do a more thorough job of removing an existing DS instance.Rob Crittenden2008-05-131-0/+4
| | | | | | Add /usr/lib/dirsrv/slapd-INSTANCE to the list of directories removed. 442753
* The admin user doesn't have the inetorgperson objectclass so don't have a ↵Rob Crittenden2008-05-131-0/+10
| | | | | | | | | givenname attribute. The UI is currently hardcoded to require "first name" which renders the admin user uneditable via the UI. This is a hack that will allow admin to be edited, assuming that one doesn't try to add a firstname field. 440548
* Display information on how to uninstall a partially installed server.Rob Crittenden2008-05-091-4/+10
| | | | | | | This may have failed either because the user pressed ^C or something failed during installation. 442454
* Include information on where to look if a hostname resolves to localhost.Rob Crittenden2008-05-091-1/+1
| | | | 442812
* Return better ewrror message that gives a hint about who actually returned itSimo Sorce2008-05-081-9/+6
| | | | + Some cleanups (trainling spaces and such).
* Detect existing DS instances and prompt for removal during replica install.Rob Crittenden2008-05-081-0/+32
| | | | 442454
* Add missing colon to function definition that broke the buildRob Crittenden2008-05-081-1/+1
|
* Add a version API to the server so it knows what version it is.Rob Crittenden2008-05-088-14/+47
| | | | 435019
* Don't allow the IPA server service principals to be removed.Rob Crittenden2008-05-081-0/+3
| | | | 440282
* Don't prompt for confirmation of DM password when installing a replica.Rob Crittenden2008-05-082-4/+12
| | | | | | | | | It implies that you are setting a new password and you really aren't. Also added a catch for KeyboardInterrupt with instructions on how to recover from a partial install. 441607
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-073-0/+10
|
* Indent the plugin accordingly to our style guidelines.Simo Sorce2008-05-071-802/+758
| | | | Used indent -kr -nut dna.c for most of the changes
* Refine our web space some more so that everything we reference is in /ipaRob Crittenden2008-05-0711-46/+170
| | | | | | | | | | | | | | | UI: /ipa/ui XML-RPC: /ipa/xml errors: /ipa/errors config: /ipa/config I had to hardcode that URI into the CSS pages but TurboGears handles the rest of the translations with tg.url(). Added a version to ipa.conf and ipa-rewrite.conf so we can update them in the future if needed with ipa-upgradeconfig 440443
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-052-350/+0
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-015-54/+60
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Fix ownership of the Apache NSS cert and key databases.Rob Crittenden2008-04-301-0/+10
| | | | | The group "apache" needs to have read access to them so they will work in Fedora 9+.
* Fix the client-side search size limit.Rob Crittenden2008-04-252-25/+25
| | | | | | | | | | | | | | I've changed the variable name searchlimit to sizelimit to match the name in python-ldap (and hopefully therefore be more readable). The big change was changing the default value from 0 to -1. As 0 we were never using the value from cn=ipaconfig python-ldap expects this to be an int type In the UI sizelimit was hardcoded at 0 for users 439880
* Make sure recent ldapmodify tool (as in F9) do not complain by splitting theSimo Sorce2008-04-251-0/+5
| | | | operation into 2 modify operations
* Add nfs as a service principal type.Rob Crittenden2008-04-231-0/+1
| | | | 440242
* Don't let a user change their own uid. Fix some related errors if they try.Rob Crittenden2008-04-232-3/+8
| | | | 440895
* Don't allow a replica to prepare a replica for itself.Rob Crittenden2008-04-231-0/+3
| | | | 442756
* Fixed various memory leaks in memberOf plug-in.Nathan Kinder2008-04-221-2/+9
| | | | 440474
* Become version 1.0.0release-1-0-0Rob Crittenden2008-04-164-4/+16
|
* Catch all errors when obtaining an LDAP connection.Rob Crittenden2008-04-151-0/+2
| | | | 442582
* Better detection of DS not starting.Rob Crittenden2008-04-141-3/+23
| | | | | | | The dirsrv init script always returns 0 on status checks, even if an instance is not started. So we have to look through the output instead. 442452
* Don't quit trying to lock a user if they aren't in the activated group.Rob Crittenden2008-04-141-1/+5
| | | | | | | | Users are considered activated by default so don't need to be in the activated group explicitly. Ignore the "not in group" error when trying to remove them. 442470
* Configure the ipa_pwd_extop plugin on replicas.Rob Crittenden2008-04-141-1/+4
| | | | | | | | If plugin isn't configured then the kerberos attributes don't get populated. User's will get Preauthentication errors from the kerberos libraries because there is no krbPrincipalKey to match against. 442134
* Use the same kpasswd.keytab on all replicas.Rob Crittenden2008-04-093-3/+12
| | | | | | | If we generate a new keytab for each replica then effectively password changes can only occur on the last replica created. 439905
* The kpasswd keytab must not be owned by the dirsrv user.Simo Sorce2008-04-081-2/+0
| | | | Fix copy&paste error.
* SELinux fix from Dan WalshRob Crittenden2008-04-071-1/+1
| | | | 440646
* Add (post) to Requires: ipa-server-specRob Crittenden2008-04-072-2/+4
|
* Some SELinux policy changes provided by Dan Walsh.Rob Crittenden2008-04-073-4/+18
| | | | 440651
* Add _ntp SRV recordSimo Sorce2008-04-071-0/+2
|
* Password policy checks fixes.Simo Sorce2008-04-071-37/+94
| | | | | | - don't let a user set a password identical to the current one. - don't check more then the policy defined number of passwords in history - don't set an history longer than policy defined
* Don't allow the admin user to be removed from the admins group.Rob Crittenden2008-04-041-0/+10
| | | | 439281
* Add missing normalizeDN() when removing members from a group.Rob Crittenden2008-04-041-4/+11
| | | | 438387
* Create /etc/ipa/ipa.conf earlier in the installation process.Rob Crittenden2008-04-031-8/+8
| | | | | | | Because the ipa.config() object raises an error if there is no configuration file and auto-detection fails, ipa_webgui may fail to start at install time. 440475
* Add missing imageRob Crittenden2008-04-031-0/+1
|
* Don't try to update ipauserobjectclasses or ipagroupobjectclassesRob Crittenden2008-04-022-9/+13
| | | | | | | | since they aren't being displayed anymore. They will just get blanked. Also add some error handling in ipahelper.fix_incoming_fields() 438256
* Add missing start_creation() so the install process will get kicked off.Rob Crittenden2008-04-021-0/+1
|
* Make sure we have ipa-client installed as now ipa-server-install callsSimo Sorce2008-04-022-0/+2
| | | | ipa-client-install
* Stricter directory control for ipa daemons, each one it's own directorySimo Sorce2008-04-013-1/+16
|
* Move ipa_kpasswd credential cache in its own directorySimo Sorce2008-04-014-3/+15
|
* Fix typo in python directive. Fixes marking a group active.Rob Crittenden2008-04-011-1/+1
| | | | 440142
* Fix crash when creating new groups. You can't iterate over a None variable.Rob Crittenden2008-04-011-0/+2
| | | | 440081
* Fix AVC when for reading /proc during password change on RHEL 5Rob Crittenden2008-04-011-0/+2
| | | | 438007
* No need to use a regular expression to find the replication hostRob Crittenden2008-03-311-3/+1
| | | | 430015
* Call client uninstall from server uninstall so that uninstall reverses alsoSimo Sorce2008-03-311-0/+15
| | | | client bits.
generated by cgit (git 2.34.1) at 2024-05-18 11:18:54 +0000