sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Two sssd-ldap manual pages fixes	Jakub Hrozek	2012-02-07	1	-4/+4
\| \| \| \|	Reported by Marco Pizzoli
*	LDAP: Add support for SSH user public keys	Jan Cholasta	2012-02-07	1	-0/+10
\|
*	Update shadowLastChanged attribute during LDAP password change	Jan Zeleny	2012-02-06	1	-2/+0
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1019
*	AUTOFS: LDAP provider	Jakub Hrozek	2012-02-05	1	-0/+101
\|
*	LDAP: Add new options for service maps	Stephen Gallagher	2012-01-31	1	-0/+70
\| \| \| \| \|	Adds the new service map options to the SSSDConfig API and the manpages.
*	Include sudo manual pages only conditionally	Jakub Hrozek	2012-01-30	1	-6/+25
\|
*	SUDO Integration - manual page	Pavel Březina	2012-01-30	1	-0/+188
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1109
*	LDAP: Add option to disable paging control	Stephen Gallagher	2012-01-18	1	-0/+24
\| \| \| \|	Fixes https://fedorahosted.org/sssd/ticket/967
*	Support search bases in RFC2307bis enumeration	Pavel Březina	2011-12-14	1	-0/+7
\| \| \| \|	https://fedorahosted.org/sssd/ticket/960
*	Add sdap_connection_expire_timeout option	Stephen Gallagher	2011-12-12	1	-0/+17
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1036
*	Added and modified options for IPA netgroups	Jan Zeleny	2011-11-23	1	-0/+22
\|
*	Fix typos in manual pages	Yuri Chornoivan	2011-11-10	1	-1/+1
\|
*	Support to request canonicalization in LDAP/IPA provider	Jan Zeleny	2011-11-02	1	-0/+15
\| \| \| \|	https://fedorahosted.org/sssd/ticket/957
*	LDAP: Update manpages with multiple search base information	Stephen Gallagher	2011-11-02	1	-1/+56
\|
*	man page fix (lists are comma-separated)	Jan Zeleny	2011-10-13	1	-2/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1024
*	Allow turning dereference off by setting the threshold to 0	Jakub Hrozek	2011-09-06	1	-0/+4
\|
*	Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON	Jakub Hrozek	2011-08-26	1	-0/+14
\| \| \| \|	https://fedorahosted.org/sssd/ticket/978
*	Add LDAP access control based on NDS attributes	Sumit Bose	2011-07-08	1	-0/+50
\|
*	Changing default to Default for consistency	Kaushik Banerjee	2011-05-31	1	-1/+1
\|
*	Add more detail to ldap_uri manpage entry	Stephen Gallagher	2011-05-27	1	-1/+13
\|
*	Make "password" the default for ldap_default_authtok_type	Stephen Gallagher	2011-05-24	1	-0/+3
\|
*	Use dereference when processing RFC2307bis nested groups	Jakub Hrozek	2011-05-20	1	-0/+23
\| \| \| \| \| \| \| \|	Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
*	Add ldap_page_size configuration option	Stephen Gallagher	2011-04-27	1	-0/+14
\|
*	Add user and group search LDAP filter options	Jakub Hrozek	2011-04-19	1	-0/+37
\| \| \| \|	https://fedorahosted.org/sssd/ticket/647
*	Add host access control support	Pierre Ossman	2011-03-24	1	-0/+24
\| \| \| \|	https://fedorahosted.org/sssd/ticket/746
*	Add ldap_tls_{cert,key,cipher_suite} config options	Tyson Whitehead	2011-01-20	1	-0/+41
\| \| \| \|	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
*	Add LDAP expire policy base RHDS/IPA attribute	Sumit Bose	2011-01-19	1	-0/+20
\| \| \| \| \|	The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
*	Add LDAP expire policy based on AD attributes	Sumit Bose	2011-01-19	1	-0/+35
\| \| \| \| \| \|	The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
*	Add ldap_search_enumeration_timeout config option	Sumit Bose	2011-01-17	1	-5/+23
\|
*	Add authorizedService support	Stephen Gallagher	2010-12-21	1	-0/+26
\| \| \| \|	https://fedorahosted.org/sssd/ticket/670
*	Replace krb5_kdcip by krb5_server in LDAP provider	Sumit Bose	2010-12-07	1	-1/+7
\|
*	Add ldap_chpass_uri config option	Sumit Bose	2010-12-06	1	-0/+34
\|
*	Add new account expired rule to LDAP access provider	Sumit Bose	2010-12-06	1	-1/+54
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
*	Allow protocol fallback for SRV queries	Jakub Hrozek	2010-12-01	1	-0/+5
\| \| \| \|	https://fedorahosted.org/sssd/ticket/691
*	Fix man page	Sumit Bose	2010-11-19	1	-2/+2
\| \| \| \| \| \|	Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication.
*	Properly document ldap_purge_cache_timeout	Stephen Gallagher	2010-11-15	1	-0/+19
\| \| \| \|	Also allow it to be disabled entirely
*	Review comments for namingContexts patches	Sumit Bose	2010-11-05	1	-9/+3
\|
*	Make ldap_search_base a non-mandatory option	Sumit Bose	2010-11-04	1	-3/+20
\|
*	Add ldap_deref option	Sumit Bose	2010-10-22	1	-0/+35
\|
*	Move all references to ldap_<entity>_search_base to "advanced" section	Jan Zeleny	2010-10-18	1	-42/+52
\| \| \| \| \| \| \|	The <entity> can be one of user, group or netgroup. The references were removed from example configuration and they were moved from section Configuration options to section Advanced options. Ticket: #607
*	Add option to limit nested groups	Simo Sorce	2010-10-18	1	-0/+16
\|
*	Add infrastructure to LDAP provider for netgroup support	Sumit Bose	2010-10-13	1	-0/+91
\|
*	Add KDC to the list of LDAP options	Jakub Hrozek	2010-10-13	1	-0/+18
\|
*	Man pages should mention supported providers	Jan Zeleny	2010-10-13	1	-5/+7
\| \| \| \| \| \| \|	Each back end can support id, auth or access provider, but each back end supports different subset of these. Man pages should describe which providers are supported by each back end. Ticket: #615
*	Deobfuscate password in back ends	Jakub Hrozek	2010-09-08	1	-1/+10
\| \| \| \| \| \|	When obfuscated password is used in config file, the LDAP backend converts it back to clear text and uses it to authenticate to the server.
*	Reviewed sssd-ldap man page	Jan Zeleny	2010-09-07	1	-7/+207
\| \| \| \|	Some config options updated, newly documented 12 new options.
*	Standardize on correct spelling of "principal" for krb5	Stephen Gallagher	2010-06-16	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/542
*	Add ldap_access_filter option	Stephen Gallagher	2010-05-27	1	-0/+39
\| \| \| \| \| \| \| \| \| \|	This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
*	Add ldap_krb5_ticket_lifetime option	Sumit Bose	2010-05-16	1	-0/+13
\|
*	Use service discovery in backends	Jakub Hrozek	2010-05-07	1	-3/+17
\| \| \| \| \| \| \| \| \|	Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set.