| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
Previously, it assumed that all members were users. This changes
the interface so that either a user or a group can be specified.
|
| | |
|
| |
|
|
| |
Useful for optimizing the initgroups operation.
|
| |
|
|
|
|
|
|
| |
This function will take a user, a list of groups that this user
should be added to and a list of groups the user should be removed
from and will recursively call sysdb_[add|remove]_group_member
Includes a unit test
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This option (applicable to access_provider=ldap) allows the admin
to set an additional LDAP search filter that must match in order
for a user to be granted access to the system.
Common examples for this would be limiting access to users by in a
particular group, for example:
ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
|
| |
|
|
|
|
|
| |
If the configuration option krb5_store_password_if_offline is set to
true and the backend is offline the plain text user password is stored
and used to request a TGT if the backend becomes online. If available
the Linux kernel key retention service is used.
|
|
|
Also update BUILD.txt
|
