summaryrefslogtreecommitdiffstats
path: root/src/config/SSSDConfigTest.py
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove krb5_changepw_principal optionJakub Hrozek2010-06-141-2/+1
| | | | Fixes: #531
* Change default min_id to 1Stephen Gallagher2010-06-091-4/+3
| | | | | Also update manpage for min_id/max_id to be more clear about how it relates to primary GID.
* Add ldap_access_filter optionStephen Gallagher2010-05-271-1/+1
| | | | | | | | | | This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
* Add support for delayed kinit if offlineSumit Bose2010-05-261-0/+3
| | | | | | | If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.
* SSSDConfigAPI fixesJakub Hrozek2010-05-161-3/+1
| | | | | | | | * add forgotten ldap_dns_service option * sync IPA and LDAP options (ldap_pwd_policy and ldap_tls_cacertdir) * ldap_uri is no longer mandatory for LDAP provider - the default is to use service discovery with no address set now. Ditto for krb5_kdcip and ipa_server
* Make krb5_kpasswd available for any krb5 providerStephen Gallagher2010-05-071-0/+3
| | | | | | | | | Previously, the option krb5_kpasswd was only available if 'chpass_provider = krb5' was specified explicitly. Now it will be available also if 'auth_provider = krb5'. This option was also missing from the IPA options, so I have added it there as well
* Add dns_resolver_timeout optionStephen Gallagher2010-04-301-0/+2
| | | | | | We had a hard-coded timeout of five seconds for DNS lookups in the async resolver. This patch adds an option 'dns_resolver_timeout' to specify this value (Default: 5)
* Add regression test for https://fedorahosted.org/sssd/ticket/441Stephen Gallagher2010-03-311-0/+5
|
* Ensure the SSSDConfig creates sssd.conf with the correct modeStephen Gallagher2010-03-221-4/+85
|
* Add krb5_kpasswd optionSumit Bose2010-03-121-1/+2
|
* Add simple access providerSumit Bose2010-03-081-0/+1
|
* Make filter_users and filter_groups also per-domainJakub Hrozek2010-03-081-0/+4
| | | | Fixes: #290
* Better cleanup task handlingJakub Hrozek2010-02-231-0/+2
| | | | | | | | | | | | | | | | Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
* Restrict family lookupsJakub Hrozek2010-02-221-0/+2
| | | | | | | Adds a new option that tells resolver which address family to prefer or use exclusively. Fixes: #404
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+1521
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-06-17 05:07:26 +0000