sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	LDAP: Initialize ID mapping when configured	Stephen Gallagher	2012-05-03	1	-0/+7
\|
*	Do not call sudo functions if built without-sudo	Jakub Hrozek	2012-02-05	1	-1/+7
\|
*	AUTOFS: LDAP provider	Jakub Hrozek	2012-02-05	1	-0/+31
\|
*	Move BUILD_SUDO outside the generic LDAP source files	Jakub Hrozek	2012-02-04	1	-27/+8
\| \| \| \|	Avoid #ifdefs in the general part of the code
*	SUDO Integration - periodical update of rules in data provider	Pavel Březina	2012-01-17	1	-0/+5
\| \| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period)
*	Move child_common routines to util	Stephen Gallagher	2011-12-19	1	-1/+1
\|
*	SUDO integration - LDAP provider	Pavel Březina	2011-12-16	1	-0/+39
\|
*	Fix size return for split_on_separator()	Stephen Gallagher	2011-11-02	1	-5/+5
\| \| \| \| \| \| \|	It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
*	Add LDAP access control based on NDS attributes	Sumit Bose	2011-07-08	1	-0/+1
\|
*	Add host access control support	Pierre Ossman	2011-03-24	1	-0/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/746
*	Add LDAP expire policy base RHDS/IPA attribute	Sumit Bose	2011-01-19	1	-1/+4
\| \| \| \| \|	The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
*	Add LDAP expire policy based on AD attributes	Sumit Bose	2011-01-19	1	-1/+2
\| \| \| \| \| \|	The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
*	Add authorizedService support	Stephen Gallagher	2010-12-21	1	-0/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/670
*	Avoid multiple initializations in LDAP provider	Sumit Bose	2010-12-20	1	-39/+30
\| \| \| \| \| \|	Currently in a domain where LDAP was used for id and auth the LDAP UIR was added multiple times to the failover code which may cause unwanted delays.
*	Pass sdap_id_ctx in sdap_id_op functions.	Simo Sorce	2010-12-07	1	-3/+1
\|
*	Add ldap_chpass_uri config option	Sumit Bose	2010-12-06	1	-0/+21
\|
*	Add new account expired rule to LDAP access provider	Sumit Bose	2010-12-06	1	-22/+112
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
*	Add check_online method to LDAP ID provider	Sumit Bose	2010-12-01	1	-1/+2
\|
*	Check for GSSAPI before attempting to kinit	Jakub Hrozek	2010-10-15	1	-8/+12
\|
*	Initialize kerberos service for GSSAPI	Jakub Hrozek	2010-10-13	1	-0/+11
\|
*	Remove remainder of now unused global LDAP connection handle.	eindenbom	2010-07-09	1	-7/+0
\|
*	LDAP connection usage tracking, sharing and failover retry framework.	eindenbom	2010-07-09	1	-0/+7
\|
*	Don't segfault if ldap_access_filter is unspecified	Stephen Gallagher	2010-06-14	1	-12/+13
\| \| \| \|	https://fedorahosted.org/sssd/ticket/539
*	Allow ldap_access_filter values wrapped in parentheses	Stephen Gallagher	2010-06-09	1	-2/+20
\|
*	Fix check if LDAP id provider is already initialized	Sumit Bose	2010-05-27	1	-1/+1
\|
*	Add ldap_access_filter option	Stephen Gallagher	2010-05-27	1	-0/+56
\| \| \| \| \| \| \| \| \| \|	This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
*	Add offline callback to disconnect global SDAP handle	Sumit Bose	2010-05-27	1	-0/+7
\|
*	Use service discovery in backends	Jakub Hrozek	2010-05-07	1	-8/+16
\| \| \| \| \| \| \| \| \|	Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set.
*	Make ID provider init functions clearer	Stephen Gallagher	2010-04-16	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \|	Using sssm__init() as the name of the initialization function for identity providers was a holdover from earlier development when we thought we would only have a single "provider" entry in the config file. As we have now separated out the initialization functions for auth, chpass and access, we should rename sssm__init() to sssm_*_id_init() for a cleaner interface.
*	Rename server/ directory to src/	Stephen Gallagher	2010-02-18	1	-0/+179
	Also update BUILD.txt