| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
The option was completely undocumented.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To make configuration easier the IPA subdomain provider should be always
loaded if the IPA ID provider is configured and the subdomain provider
is not explicitly disabled. But to avoid the overhead of regular
subdomain requests in setups where no subdomains are used the IPA
subdomain provider should behave differently if configured explicit or
implicit.
If the IPA subdomain provider is configured explicitly, i.e.
'subdomains_provider = ipa' can be found in the domain section of
sssd.conf subdomain request are always send to the server if needed.
If it is configured implicitly and a request to the server fails
with an indication that the server currently does not support subdomains
at all, e.g. is not configured to handle trust relationships, a new
request will be only send to the server after a long timeout or after
a going-online event.
To be able to make this distinction this patch save the configuration
status to the subdomain context.
Fixes https://fedorahosted.org/sssd/ticket/1613
|
|
|
|
|
|
|
|
| |
Since the PAC responder is used during the authentication of users from
trusted realms it is started automatically if the IPA ID provider is
configured for a domain to simplify the configuration.
Fixes https://fedorahosted.org/sssd/ticket/1613
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1499
Adds log message about not finding appropriate entry in keytab and using
the last keytab entry when validation is enabled.
Adds more information about validation into manpage.
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1563
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1540
|
| |
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1537
changes upper limit of slices to 2000200000 in providers code and
manpage.
|
|
|
|
|
|
| |
base.
https://fedorahosted.org/sssd/ticket/1471
|
|
|
|
|
|
|
|
| |
sss_seed fails if password file specified with -p or
--password-file option contains password longer than
PASS_MAX.
Man pages inform about PASS_MAX limitation.
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1535
|
|
|
|
| |
Fixes: https://fedorahosted.org/sssd/ticket/1525
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1541
|
|
|
|
|
|
|
| |
POPT_AUTOHELP generates -? and --help options and not -h to
display help message.
https://fedorahosted.org/sssd/ticket/1546
|
|
|
|
|
|
| |
Add the option to the manual page and the configAPI
https://fedorahosted.org/sssd/ticket/1494
|
| |
|
|
|
|
|
|
| |
fixes https://fedorahosted.org/sssd/ticket/1483
ldap schemes now displayed as bullet list
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
It was ambiguous that these options supported the new multiple
search base format, as well as the search filters.
|
| |
|
| |
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1463
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1462
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1464
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
This patch adds support for new config option ad_backup_server. The
description of this option's functionality is included in man page in
one of previous patches.
|
|
|
|
|
|
| |
This patch adds support for new config option ipa_backup_server. The
description of this option's functionality is included in man page in
one of previous patches.
|
|
|
|
|
|
| |
This patch adds support for new config options krb5_backup_server and
krb5_backup_kpasswd. The description of this option's functionality
is included in man page in one of previous patches.
|
|
|
|
|
|
| |
This patch adds support for new config option ldap_backup_uri. The
description of this option's functionality is included in man page in
previous patch.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1420
sudoHost attribute may contain hostname or fqdn of the machine.
Sudo itself supports only one hostname and its fqdn - the one that
is returned by gethostbyname().
This patch implements autoconfiguration of hostname and fqdn if
it has not been set manually by ldap_sudo_hostnames option.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1418
|
| |
|
|
|
|
|
| |
SSH utilities were included in see also section even if SSSD is
built without SSH support.
|
|
|
|
|
|
|
|
|
| |
If override_shell is specified in the [nss] section, all users
managed by SSSD will have their shell set to this value. If it is
specified in the [domain/DOMAINNAME] section, it will apply to
only that domain (and override the [nss] value, if any).
https://fedorahosted.org/sssd/ticket/1087
|