sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	LDAP: Add attr_count return value to build_attrs_from_map()	Stephen Gallagher	2012-05-10	1	-1/+3
\| \| \| \| \| \| \|	This is necessary because in several places in the code, we are appending to the attrs returned from this value, and if we relied on the map size macro, we would be appending after the NULL terminator if one or more attributes were defined as NULL.
*	LDAP: Map the user's primaryGroupID	Stephen Gallagher	2012-05-03	1	-0/+1
\|
*	LDAP: Allow setting a default domain for id-mapping slice 0	Stephen Gallagher	2012-05-03	1	-0/+2
\|
*	LDAP: Add autorid compatibility mode	Stephen Gallagher	2012-05-03	1	-0/+1
\|
*	LDAP: Initialize ID mapping when configured	Stephen Gallagher	2012-05-03	1	-0/+3
\|
*	LDAP: Add ID mapping range settings	Stephen Gallagher	2012-05-03	1	-0/+3
\|
*	LDAP: Add id-mapping option	Stephen Gallagher	2012-05-03	1	-0/+1
\|
*	LDAP: Add objectSID config option	Stephen Gallagher	2012-05-03	1	-0/+2
\|
*	Add terminator for sdap_attr_map	Stephen Gallagher	2012-03-28	1	-0/+1
\|
*	IPA hosts refactoring	Jan Zeleny	2012-02-24	1	-2/+0
\|
*	LDAP: Add support for SSH user public keys	Jan Cholasta	2012-02-07	1	-0/+1
\|
*	Update shadowLastChanged attribute during LDAP password change	Jan Zeleny	2012-02-06	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1019
*	Session target in IPA provider	Jan Zeleny	2012-02-06	1	-0/+1
\|
*	AUTOFS: LDAP provider	Jakub Hrozek	2012-02-05	1	-0/+19
\|
*	NSS: Add individual timeouts for entry types	Stephen Gallagher	2012-02-04	1	-1/+0
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1016
*	LDAP: Add enumeration support for services	Stephen Gallagher	2012-01-31	1	-0/+1
\|
*	LDAP: Add support for service lookups (non-enum)	Stephen Gallagher	2012-01-31	1	-0/+13
\|
*	LDAP: Add option to disable paging control	Stephen Gallagher	2012-01-18	1	-0/+1
\| \| \| \|	Fixes https://fedorahosted.org/sssd/ticket/967
*	SUDO Integration - periodical update of rules in data provider	Pavel Březina	2012-01-17	1	-0/+2
\| \| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period)
*	SUDO Integration - LDAP configuration options	Pavel Březina	2011-12-16	1	-0/+20
\|
*	Add sdap_connection_expire_timeout option	Stephen Gallagher	2011-12-12	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1036
*	Add ldap_sasl_minssf option	Jan Zeleny	2011-12-08	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1075
*	Renamed some LDAP routines	Jan Zeleny	2011-11-23	1	-0/+1
\| \| \| \| \|	These were renamed just ot make sure they are not mistook for IPA netgroup functions.
*	Cleanup: Remove unused parameters	Jakub Hrozek	2011-11-22	1	-2/+0
\|
*	Support to request canonicalization in LDAP/IPA provider	Jan Zeleny	2011-11-02	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/957
*	LDAP: Add parser for multiple search bases	Stephen Gallagher	2011-11-02	1	-0/+11
\|
*	Remove unused sdap_options attributes	Stephen Gallagher	2011-11-02	1	-3/+0
\| \| \| \|	These DNs were never assigned or referenced anywhere.
*	Improve error message for LDAP password constraint violation	Jakub Hrozek	2011-09-06	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/985
*	Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON	Jakub Hrozek	2011-08-26	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/978
*	Add LDAP access control based on NDS attributes	Sumit Bose	2011-07-08	1	-0/+6
\|
*	Add sockaddr_storage to sdap_service	Sumit Bose	2011-06-30	1	-0/+1
\|
*	Use dereference when processing RFC2307bis nested groups	Jakub Hrozek	2011-05-20	1	-0/+1
\| \| \| \| \| \| \| \|	Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
*	OpenLDAP dereference searches	Jakub Hrozek	2011-05-20	1	-0/+7
\| \| \| \| \| \| \| \|	This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00
*	Generic dereference data structures and utilities	Jakub Hrozek	2011-05-20	1	-0/+10
\| \| \| \|	These will be shared by both dereference methods in a later patch.
*	Remove append_attrs_to_array	Jakub Hrozek	2011-05-20	1	-1/+0
\| \| \| \|	This function was not used anywhere
*	Add ldap_page_size configuration option	Stephen Gallagher	2011-04-27	1	-0/+2
\|
*	Modify principal selection for keytab authentication	Jan Zeleny	2011-04-25	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781
*	Add value of the last USN to server configuration	Stephen Gallagher	2011-04-19	1	-0/+1
\| \| \| \| \|	Related: https://fedorahosted.org/sssd/ticket/734
*	Don't pass NULL to printf for TLS errors	Jakub Hrozek	2011-04-08	1	-10/+0
\| \| \| \|	https://fedorahosted.org/sssd/ticket/643
*	Add host access control support	Pierre Ossman	2011-03-24	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/746
*	Add option to disable TLS for LDAP authsssd-1_5_1	Stephen Gallagher	2011-01-27	1	-0/+1
\| \| \| \| \|	Option is named to discourage use in production environments and is intentionally not listed in the SSSDConfig API.
*	Add ldap_tls_{cert,key,cipher_suite} config options	Tyson Whitehead	2011-01-20	1	-0/+3
\| \| \| \|	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
*	Add LDAP expire policy base RHDS/IPA attribute	Sumit Bose	2011-01-19	1	-0/+3
\| \| \| \| \|	The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
*	Add LDAP expire policy based on AD attributes	Sumit Bose	2011-01-19	1	-0/+5
\| \| \| \| \| \|	The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
*	Add ldap_search_enumeration_timeout config option	Sumit Bose	2011-01-17	1	-0/+1
\|
*	Add authorizedService support	Stephen Gallagher	2010-12-21	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/670
*	Replace krb5_kdcip by krb5_server in LDAP provider	Sumit Bose	2010-12-07	1	-1/+1
\|
*	ldap: Use USN entries if available.	Simo Sorce	2010-12-07	1	-0/+7
\| \| \| \|	Otherwise fallback to the default modifyTimestamp indicator
*	ldap: add checks to determine if USN features are available.	Simo Sorce	2010-12-07	1	-0/+17
\|
*	Add ldap_chpass_uri config option	Sumit Bose	2010-12-06	1	-0/+2
\|