sssd.git/src/config/etc, branch master sssd with jhrozek's patches DYNDNS: Add a new option dyndns_server 2015-08-14T21:51:02+00:00 Jakub Hrozek jhrozek@redhat.com 2014-07-06T20:53:27+00:00 8145ab51b05aa86b2f1a21b49383f55e50b0a2e3 Some environments use a different DNS server than identity server. For these environments, it would be useful to be able to override the DNS server used to perform DNS updates. This patch adds a new option dyndns_server that, if set, would be used to hardcode a DNS server address into the nsupdate message. Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Some environments use a different DNS server than identity server. For
these environments, it would be useful to be able to override the DNS
server used to perform DNS updates.

This patch adds a new option dyndns_server that, if set, would be used
to hardcode a DNS server address into the nsupdate message.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
sudo: use "higher value wins" when ordering rules 2015-08-14T20:47:45+00:00 Pavel Březina pbrezina@redhat.com 2015-07-29T12:51:30+00:00 52e3ee5c5ff2c5a4341041826a803ad42d2b2de7 This commit changes the default ordering logic (lower value wins) to a correct one that is used by native ldap support. It also adds a new option sudo_inverse_order to switch to the original SSSD (incorrect) behaviour if needed. Resolves: https://fedorahosted.org/sssd/ticket/2682 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
This commit changes the default ordering logic (lower value wins) to
a correct one that is used by native ldap support. It also adds a new
option sudo_inverse_order to switch to the original SSSD (incorrect)
behaviour if needed.

Resolves:
https://fedorahosted.org/sssd/ticket/2682

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
ssh: generate public keys from certificate 2015-07-31T07:52:06+00:00 Sumit Bose sbose@redhat.com 2015-07-15T07:40:00+00:00 4de84af23db74e13e867985c9093f394c9fa8d51 Resolves: https://fedorahosted.org/sssd/ticket/2711 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
Resolves: https://fedorahosted.org/sssd/ticket/2711

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
LDAP: Add the wildcard_limit option 2015-07-15T15:32:46+00:00 Jakub Hrozek jhrozek@redhat.com 2015-06-17T14:13:51+00:00 b9e74a747b8f1012bba3575f3e4289ef4877d64a Related: https://fedorahosted.org/sssd/ticket/2553 Adds a new wildcard_limit option that is set by default to 1000 (one page). This option limits the number of entries that can by default be returned by a wildcard search. Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
Related:
    https://fedorahosted.org/sssd/ticket/2553

Adds a new wildcard_limit option that is set by default to 1000 (one
page). This option limits the number of entries that can by default be
returned by a wildcard search.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
PAM: authenticate agains cache 2015-07-06T18:19:09+00:00 Pavel Reichl preichl@redhat.com 2015-04-16T07:41:58+00:00 0aa18cc0bf3447ca734476926724f1632e160807 Enable authenticating users from cache even when SSSD is in online mode. Introduce new option `cached_auth_timeout`. Resolves: https://fedorahosted.org/sssd/ticket/1807 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
Enable authenticating users from cache even when SSSD is in online mode.

Introduce new option `cached_auth_timeout`.

Resolves:
https://fedorahosted.org/sssd/ticket/1807

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
LDAP: add ldap_user_certificate option 2015-06-19T15:21:24+00:00 Sumit Bose sbose@redhat.com 2015-05-07T08:59:10+00:00 e22e04517b9f9d0c7759dc4768eedfd05908e9b6 Related to https://fedorahosted.org/sssd/ticket/2596 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
Related to https://fedorahosted.org/sssd/ticket/2596

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
adding ldap_user_auth_type where missing 2015-06-19T15:21:17+00:00 Sumit Bose sbose@redhat.com 2015-05-07T08:58:33+00:00 070bb515321a7de091b884d9e0ab357b7b5ae578 Reviewed-by: Pavel Březina <pbrezina@redhat.com> 
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
confdb: Add new option subdomain_inherit 2015-06-05T14:39:18+00:00 Jakub Hrozek jhrozek@redhat.com 2015-04-29T17:41:14+00:00 1711cbfd2e36d44af1ae50e3a2beeec3a1f0b5e8 Adds a new option subdomain_inherit that would allow administrators to pick and choose which option to pass to subdomains. This option is required for: https://fedorahosted.org/sssd/ticket/2644 as a short-term fix. The proper solution is described in: https://fedorahosted.org/sssd/ticket/2599 Reviewed-by: Pavel Reichl <preichl@redhat.com> 
Adds a new option subdomain_inherit that would allow administrators to pick
and choose which option to pass to subdomains.

This option is required for:
    https://fedorahosted.org/sssd/ticket/2644
as a short-term fix.

The proper solution is described in:
    https://fedorahosted.org/sssd/ticket/2599

Reviewed-by: Pavel Reichl <preichl@redhat.com>
krb5: new option krb5_map_user 2015-05-28T09:04:28+00:00 Pavel Reichl preichl@redhat.com 2015-04-30T10:43:05+00:00 aa8a8318aaa3270e9d9957d0c22dec6342360a37 New option `krb5_map_user` providing mapping of ID provider names to Kerberos principals. Resolves: https://fedorahosted.org/sssd/ticket/2509 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> 
New option `krb5_map_user` providing mapping of ID provider names to
Kerberos principals.

Resolves:
https://fedorahosted.org/sssd/ticket/2509

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Add cache_credentials_minimal_first_factor_length config option 2015-05-08T07:14:12+00:00 Sumit Bose sbose@redhat.com 2015-03-24T12:00:14+00:00 932c3e22e3c59a9c33f30dcc09e6bef257e14320 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> 
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>