| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Added 'otp' as an acceptable attribute name. Added examples.
Also, x-ref kadmin document from otp.rst.
|
|
|
|
|
|
|
|
|
|
| |
The -A option causes kpropd to contact a specified admin server
(normally an intermediate slave running kadmind -proponly) instead of
the master admin server.
Based on code submitted by Richard Basch.
ticket: 7855
|
|
|
|
|
|
|
|
|
|
|
| |
The -proponly option causes kadmind to only service the iprop service,
not the kpasswd or kadmin services. An intermediate slave in a
hierarchical iprop setup runs kadmind -proponly in order to provide
incremental updates to downstream slaves.
Based on code submitted by Richard Basch.
ticket: 7855
|
|
|
|
|
|
|
|
|
|
| |
Add a new section to kdc_conf.rst to describe keysalt lists, and
update other documentation to better distinguish enctype lists from
keysalt lists.
ticket: 7608
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
| |
kdb5_util.rst incorrectly describes the current default dump format
version as 6 when it should be 7. Reported by Jeff D'Angelo.
ticket: 7777
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kpropd -S option is no longer needed to run kpropd in standalone
mode, but its functionality is not deprecated; standalone mode is
automatically activated when appropriate. Clarify the kpropd
documentation on standalone mode to avoid giving the impression that
the mode is deprecated.
ticket: 7751 (new)
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
| |
kdb5_util update_princ_encryption should update to the active master
key version, not the most recent.
ticket: 6507
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
|
| |
The no_auth_data_required bit was introduced to suppress PACs in
service tickets when the back end supports them. Make it also
suppress AD-SIGNEDPATH, so that the ~70-byte expansion of the ticket
can be avoided for services which aren't going to do constrained
delegation.
ticket: 7697 (new)
|
|
|
|
|
|
|
|
|
| |
Add kadmin support for "addprinc -nokey", which creates a principal
with no keys, and "purgekeys -all", which deletes all keys from a
principal. The KDC was modified by #7630 to support principals
without keys.
ticket: 7679 (new)
|
|
|
|
|
|
|
|
|
| |
These flags are overloaded to mean different things for clients and
servers; previously we only documented the client behavior.
ticket: 7653 (new)
tags: pullup
target_version: 1.11.4
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
k5srvutil is a little more convenient to use for rolling keys than
kadmin is. When migrating off 1DES, though, it may be desirable to
explicitly specify the desired keysalts. This adds an option, -e, to
k5srvutil to specify desired keysalts.
[ghudson@mit.edu: style fix; make whitespace in keysalt list work]
ticket: 7589 (new)
|
|
|
|
|
|
|
| |
Get rid of the code to dump and load -b6 and -old format dump files.
Loading these versions hasn't worked since at least 1.3.
ticket: 7564 (new)
|
| |
|
|
|
|
|
|
|
| |
Add a DB option in the LDAP KDB module to turn on debugging messages.
Adapted from a patch by Zoran Pericic <zpericic@inet.hr>.
ticket: 7551 (new)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old versions of docutils will see inline markup (e.g., :ref:`foo`)
at the beginning of a line in the content of a directive block
and attempt to interpret that markup as options or arguments
to the directive. RST intended as inline markup (as opposed to
modifying the behavior of the directive) will not be interpretable
in this context, and causes Sphinx to emit a warning.
Work around this behavior by always leaving a blank line before
the content of a directive block, forcing it to be interpreted
as content and not options or arguments.
The buggy behavior was only encountered in note environments, but
for consistency of style, also reformat warning and error blocks.
Note the new style constraint in doc/README.
ticket: 7469 (new)
title: doc buildslave generates sphinx warnings
tags: pullup
target_version: 1.11
|
|
|
|
|
|
|
|
|
|
|
|
| |
Link to the database.rst description of policy objects when talking
about them. Briefly mention the "default" policy. Link to the
kadmin_local.rst description of policy fields when referencing them.
Describe policy fields more briefly, and expand the kadmin_local.rst
descriptions where appropriate.
ticket: 7480 (new)
target_version: 1.11
tags: pullup
|
|
We like these names better, and they match the PDF document filenames.
admins -> admin
appldev -> appdev
users -> user
and catch up where the names are used elsewhere.
The relay/ directory has been removed, with its contents moved to the
top level in build_this.rst and a new about.rst.
The section headers for kadmind, krb5kdc, sserver, kpasswd, kswitch,
and sclient are misdetected as conflict markers.
bigredbutton: whitespace
ticket: 7433
tags: pullup
|