| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2235
The memberof example was misleading and was making aministrators think
that the ldap_access_filter can resolve nested group memberships.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 604d46e028ab62f83060fb88bdd3319a31aca2d1)
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2091
|
|
|
|
|
|
|
| |
Currently the range for Posix IDs stored in an LDAP server is unbound.
This might lead to conflicts in a setup with AD and trusts when the
configured domain uses IDs from LDAP. With the two noe options this
conflict can be avoided.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1883
The patch introduces a new Kerberos provider option called
krb5_use_kdcinfo. The option is true by default in all providers. When
set to false, the SSSD will not create krb5 info files that the locator
plugin consumes and the user would have to set up the Kerberos options
manually in krb5.conf
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1789
ldap_access_order must be set in order to non-default access control
options to work. This patch amends the sssd-ldap man page to document
this fact with all non-default ldap_access_order options.
|
|
|
|
|
|
|
|
|
| |
This commit adds new option ldap_disable_range_retrieval with default value
FALSE. If this option is enabled, large groups(>1500) will not be retrieved and
behaviour will be similar like was before commit ae8d047122c
"LDAP: Handle very large Active Directory groups"
https://fedorahosted.org/sssd/ticket/1823
|
|
|
|
|
|
|
|
|
|
|
| |
Add option to fallback to fetch local users if rfc2307is being used.
This is useful for cases where people added local users as LDAP members
and rely on these group memberships to be maintained on the local host.
Disabled by default as it violates identity domain separation.
Ticket:
https://fedorahosted.org/sssd/ticket/1020
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1737
|
|
|
|
|
|
| |
expression
https://fedorahosted.org/sssd/ticket/1690
|
| |
|
|
|
|
| |
The option was completely undocumented.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1563
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1540
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1535
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1541
|
|
|
|
|
|
| |
Add the option to the manual page and the configAPI
https://fedorahosted.org/sssd/ticket/1494
|
|
|
|
|
|
| |
fixes https://fedorahosted.org/sssd/ticket/1483
ldap schemes now displayed as bullet list
|
| |
|
|
|
|
|
| |
It was ambiguous that these options supported the new multiple
search base format, as well as the search filters.
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1464
|
|
|
|
|
|
| |
This patch adds support for new config options krb5_backup_server and
krb5_backup_kpasswd. The description of this option's functionality
is included in man page in one of previous patches.
|
|
|
|
|
|
| |
This patch adds support for new config option ldap_backup_uri. The
description of this option's functionality is included in man page in
previous patch.
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1420
sudoHost attribute may contain hostname or fqdn of the machine.
Sudo itself supports only one hostname and its fqdn - the one that
is returned by gethostbyname().
This patch implements autoconfiguration of hostname and fqdn if
it has not been set manually by ldap_sudo_hostnames option.
|
| |
|
|
|
|
| |
Removes old options and adds new ones.
|
|
|
|
|
|
|
|
| |
This patch extends the RootDSE lookup so that we will perform a
second request to test whether the match rule syntax can be used.
If both groups and initgroups are disabled in the configuration,
this lookup request can be skipped.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* Should be 'permit' instead
https://fedorahosted.org/sssd/ticket/1295
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1265
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1031
|
| |
|
|
|
|
| |
Reported by Marco Pizzoli
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1019
|
| |
|
|
|
|
|
| |
Adds the new service map options to the SSSDConfig API and the
manpages.
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1109
|
|
|
|
| |
Fixes https://fedorahosted.org/sssd/ticket/967
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/960
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1036
|
| |
|