sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	ldap: Fallback option for rfc2307 schema	Simo Sorce	2013-03-20	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \|	Add option to fallback to fetch local users if rfc2307is being used. This is useful for cases where people added local users as LDAP members and rely on these group memberships to be maintained on the local host. Disabled by default as it violates identity domain separation. Ticket: https://fedorahosted.org/sssd/ticket/1020
*	Convert sdap_access to new error codes	Simo Sorce	2013-03-19	1	-17/+15
\| \| \| \|	Also simplify sdap_access_send to avoid completely fake _send() routines.
*	Decrease krb5_auth_timeout default	Ondrej Kos	2013-03-18	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1738
*	Add realm info to sss_domain_info	Simo Sorce	2013-02-10	1	-1/+1
\|
*	Add be_req_get_data() helper funciton.	Simo Sorce	2013-01-21	1	-3/+4
\| \| \| \|	In preparation for making struct be_req opaque.
*	Add be_req_get_be_ctx() helper.	Simo Sorce	2013-01-21	2	-14/+14
\| \| \| \|	In preparation for making be_req opaque
*	Introduce be_req_terminate() helper	Simo Sorce	2013-01-21	1	-5/+6
\| \| \| \| \|	Call it everywhere instead of directly dereferencing be_req->fn This is in preparation of making be_req opaque.
*	Pass domain not be_req to access check functions	Simo Sorce	2013-01-21	1	-4/+7
\|
*	Remove sysdb as a be request structure member	Simo Sorce	2013-01-21	1	-1/+0
\| \| \| \|	The sysdb context is already available through the 'domain' context.
*	failover: Protect against empty host names	Michal Zidek	2013-01-02	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	Added new parameter to split_on_separator that allows to skip empty values. The whole function was rewritten. Unit test case was added to check the new implementation. https://fedorahosted.org/sssd/ticket/1484
*	LDAP: Provide a common sdap_set_sasl_options init function	Jakub Hrozek	2012-11-19	1	-44/+8
\| \| \| \| \|	The AD and IPA initialization functions shared the same code. This patch moves the code into a common initialization function.
*	Fix default upper limit of slices	Ondrej Kos	2012-10-04	1	-1/+1
\| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/1537 changes upper limit of slices to 2000200000 in providers code and manpage.
*	Flip the default value of ldap_initgroups_use_matching_rule_in_chain	Jakub Hrozek	2012-10-02	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1535
*	Failover: use _srv_ when no primary server is defined	Pavel Březina	2012-09-17	1	-12/+3
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1521
*	Fix: IPv6 address with square brackets doesn't work.	Michal Zidek	2012-08-23	1	-0/+7
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1365
*	Typo in debug message (SSSd -> SSSD).	Michal Zidek	2012-08-23	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1434
*	Consolidation of functions that make realm upper-case	Ondrej Kos	2012-08-23	1	-6/+1
\|
*	AD context was set to null due to type mismatch	Ondrej Kos	2012-08-23	3	-1/+14
\|
*	Duplicate detection in fail over did not work.	Michal Zidek	2012-08-15	1	-1/+6
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1472
*	SRV resolution for backup servers should not be permitted.	Michal Zidek	2012-08-09	1	-1/+9
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1463
*	Change default for ldap_idmap_range_min to 200000	Jakub Hrozek	2012-08-09	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1462
*	Primary server support: new option in AD provider	Jan Zeleny	2012-08-01	3	-1/+5
\| \| \| \| \| \|	This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
*	Primary server support: new options in krb5 provider	Jan Zeleny	2012-08-01	1	-0/+3
\| \| \| \| \| \|	This patch adds support for new config options krb5_backup_server and krb5_backup_kpasswd. The description of this option's functionality is included in man page in one of previous patches.
*	Primary server support: new option in ldap provider	Jan Zeleny	2012-08-01	1	-0/+2
\| \| \| \| \| \|	This patch adds support for new config option ldap_backup_uri. The description of this option's functionality is included in man page in previous patch.
*	Primary server support: AD adaptation	Jan Zeleny	2012-08-01	3	-35/+77
\| \| \| \| \| \|	This patch adds support for the primary server functionality into AD provider. No backup servers are added at the moment, just the basic support is in place.
*	AD: Fix defaults for krb5_canonicalize	Stephen Gallagher	2012-07-18	1	-2/+2
\| \| \| \| \| \|	The AD provider cannot function with canonicalization because of a bug in Active Directory rendering it unable to complete a password-change while canonicalization is enabled.
*	AD: Add missing DP option terminator	Stephen Gallagher	2012-07-16	1	-1/+2
\|
*	AD: Force case-insensitive operation in AD provider	Stephen Gallagher	2012-07-06	1	-0/+18
\|
*	AD: use krb5_keytab for validation and GSSAPI	Stephen Gallagher	2012-07-06	3	-3/+12
\| \| \| \| \| \|	This simplifies configuration by eliminating the need to specifiy both krb5_keytab and ldap_krb5_keytab if the keytab is not located at /etc/krb5.keytab
*	AD: Add AD access-control provider	Stephen Gallagher	2012-07-06	4	-1/+188
\| \| \| \| \|	This patch adds support for checking whether a user is expired or disabled in AD.
*	AD: Add AD auth and chpass providers	Stephen Gallagher	2012-07-06	3	-1/+155
\| \| \| \| \| \|	These new providers take advantage of existing code for the KRB5 provider, providing sensible defaults for operating against an Active Directory 2008 R2 or later server.
*	AD: Add AD identity provider	Stephen Gallagher	2012-07-06	6	-0/+1165
	This new identity provider takes advantage of existing code for the LDAP provider, but provides sensible defaults for operating against an Active Directory 2008 R2 or later server.