summaryrefslogtreecommitdiffstats
path: root/src/providers/ad
Commit message (Collapse)AuthorAgeFilesLines
* providers: refresh expired netgroupsPavel Březina2013-08-111-0/+10
| | | | https://fedorahosted.org/sssd/ticket/1713
* Adding option to disable retrieving large AD groups.Lukas Slebodnik2013-05-231-0/+1
| | | | | | | | | This commit adds new option ldap_disable_range_retrieval with default value FALSE. If this option is enabled, large groups(>1500) will not be retrieved and behaviour will be similar like was before commit ae8d047122c "LDAP: Handle very large Active Directory groups" https://fedorahosted.org/sssd/ticket/1823
* ldap: Fallback option for rfc2307 schemaSimo Sorce2013-03-211-0/+1
| | | | | | | | | | | Add option to fallback to fetch local users if rfc2307is being used. This is useful for cases where people added local users as LDAP members and rely on these group memberships to be maintained on the local host. Disabled by default as it violates identity domain separation. Ticket: https://fedorahosted.org/sssd/ticket/1020
* LDAP: Provide a common sdap_set_sasl_options init functionJakub Hrozek2012-11-191-44/+8
| | | | | The AD and IPA initialization functions shared the same code. This patch moves the code into a common initialization function.
* Fix default upper limit of slicesOndrej Kos2012-10-041-1/+1
| | | | | | | https://fedorahosted.org/sssd/ticket/1537 changes upper limit of slices to 2000200000 in providers code and manpage.
* Flip the default value of ldap_initgroups_use_matching_rule_in_chainJakub Hrozek2012-10-021-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1535
* Failover: use _srv_ when no primary server is definedPavel Březina2012-09-171-12/+3
| | | | https://fedorahosted.org/sssd/ticket/1521
* Fix: IPv6 address with square brackets doesn't work.Michal Zidek2012-08-231-0/+7
| | | | https://fedorahosted.org/sssd/ticket/1365
* Typo in debug message (SSSd -> SSSD).Michal Zidek2012-08-231-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1434
* Consolidation of functions that make realm upper-caseOndrej Kos2012-08-231-6/+1
|
* AD context was set to null due to type mismatchOndrej Kos2012-08-233-1/+14
|
* Duplicate detection in fail over did not work.Michal Zidek2012-08-151-1/+6
| | | | https://fedorahosted.org/sssd/ticket/1472
* SRV resolution for backup servers should not be permitted.Michal Zidek2012-08-091-1/+9
| | | | https://fedorahosted.org/sssd/ticket/1463
* Change default for ldap_idmap_range_min to 200000Jakub Hrozek2012-08-091-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1462
* Primary server support: new option in AD providerJan Zeleny2012-08-013-1/+5
| | | | | | This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
* Primary server support: new options in krb5 providerJan Zeleny2012-08-011-0/+3
| | | | | | This patch adds support for new config options krb5_backup_server and krb5_backup_kpasswd. The description of this option's functionality is included in man page in one of previous patches.
* Primary server support: new option in ldap providerJan Zeleny2012-08-011-0/+2
| | | | | | This patch adds support for new config option ldap_backup_uri. The description of this option's functionality is included in man page in previous patch.
* Primary server support: AD adaptationJan Zeleny2012-08-013-35/+77
| | | | | | This patch adds support for the primary server functionality into AD provider. No backup servers are added at the moment, just the basic support is in place.
* AD: Fix defaults for krb5_canonicalizeStephen Gallagher2012-07-181-2/+2
| | | | | | The AD provider cannot function with canonicalization because of a bug in Active Directory rendering it unable to complete a password-change while canonicalization is enabled.
* AD: Add missing DP option terminatorStephen Gallagher2012-07-161-1/+2
|
* AD: Force case-insensitive operation in AD providerStephen Gallagher2012-07-061-0/+18
|
* AD: use krb5_keytab for validation and GSSAPIStephen Gallagher2012-07-063-3/+12
| | | | | | This simplifies configuration by eliminating the need to specifiy both krb5_keytab and ldap_krb5_keytab if the keytab is not located at /etc/krb5.keytab
* AD: Add AD access-control providerStephen Gallagher2012-07-064-1/+188
| | | | | This patch adds support for checking whether a user is expired or disabled in AD.
* AD: Add AD auth and chpass providersStephen Gallagher2012-07-063-1/+155
| | | | | | These new providers take advantage of existing code for the KRB5 provider, providing sensible defaults for operating against an Active Directory 2008 R2 or later server.
* AD: Add AD identity providerStephen Gallagher2012-07-066-0/+1165
This new identity provider takes advantage of existing code for the LDAP provider, but provides sensible defaults for operating against an Active Directory 2008 R2 or later server.
generated by cgit (git 2.34.1) at 2024-05-04 21:07:12 +0000