sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Adding option to disable retrieving large AD groups.sssd-1.9.2-113.el6	Lukas Slebodnik	2013-08-09	1	-0/+1
\| \| \| \| \| \| \| \| \|	This commit adds new option ldap_disable_range_retrieval with default value FALSE. If this option is enabled, large groups(>1500) will not be retrieved and behaviour will be similar like was before commit ae8d047122c "LDAP: Handle very large Active Directory groups" https://fedorahosted.org/sssd/ticket/1823
*	ldap: Fallback option for rfc2307 schema	Simo Sorce	2013-04-15	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \|	Add option to fallback to fetch local users if rfc2307is being used. This is useful for cases where people added local users as LDAP members and rely on these group memberships to be maintained on the local host. Disabled by default as it violates identity domain separation. Ticket: https://fedorahosted.org/sssd/ticket/1020
*	Fix default upper limit of slices	Ondrej Kos	2012-10-04	1	-1/+1
\| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/1537 changes upper limit of slices to 2000200000 in providers code and manpage.
*	Flip the default value of ldap_initgroups_use_matching_rule_in_chain	Jakub Hrozek	2012-10-02	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1535
*	Change default for ldap_idmap_range_min to 200000	Jakub Hrozek	2012-08-09	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1462
*	Primary server support: new option in AD provider	Jan Zeleny	2012-08-01	1	-0/+1
\| \| \| \| \| \|	This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
*	Primary server support: new options in krb5 provider	Jan Zeleny	2012-08-01	1	-0/+3
\| \| \| \| \| \|	This patch adds support for new config options krb5_backup_server and krb5_backup_kpasswd. The description of this option's functionality is included in man page in one of previous patches.
*	Primary server support: new option in ldap provider	Jan Zeleny	2012-08-01	1	-0/+2
\| \| \| \| \| \|	This patch adds support for new config option ldap_backup_uri. The description of this option's functionality is included in man page in previous patch.
*	AD: Fix defaults for krb5_canonicalize	Stephen Gallagher	2012-07-18	1	-2/+2
\| \| \| \| \| \|	The AD provider cannot function with canonicalization because of a bug in Active Directory rendering it unable to complete a password-change while canonicalization is enabled.
*	AD: Add missing DP option terminator	Stephen Gallagher	2012-07-16	1	-1/+2
\|
*	AD: use krb5_keytab for validation and GSSAPI	Stephen Gallagher	2012-07-06	1	-0/+1
\| \| \| \| \| \|	This simplifies configuration by eliminating the need to specifiy both krb5_keytab and ldap_krb5_keytab if the keytab is not located at /etc/krb5.keytab
*	AD: Add AD access-control provider	Stephen Gallagher	2012-07-06	1	-1/+1
\| \| \| \| \|	This patch adds support for checking whether a user is expired or disabled in AD.
*	AD: Add AD identity provider	Stephen Gallagher	2012-07-06	1	-0/+230
	This new identity provider takes advantage of existing code for the LDAP provider, but provides sensible defaults for operating against an Active Directory 2008 R2 or later server.