| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Modify behavior of pam_pwd_expiration_warning | Jan Zeleny | 2012-05-04 | 2 | -16/+57 | |
| | | | | | | | | | | | | | | | | | | | New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider. | |||||
| * | LDAP: Add support for enumeration of ID-mapped users and groups | Stephen Gallagher | 2012-05-03 | 1 | -31/+102 | |
| | | ||||||
| * | LDAP: Treat groups with unmappable SIDs as non-POSIX groups | Stephen Gallagher | 2012-05-03 | 1 | -9/+12 | |
| | | ||||||
| * | LDAP: Add helper function to map IDs | Stephen Gallagher | 2012-05-03 | 5 | -119/+81 | |
| | | | | | | This function will also auto-create a new ID map if the domain has not been seen previously. | |||||
| * | LDAP: Do not remove uidNumber and gidNumber attributes when saving id-mapped ↵ | Stephen Gallagher | 2012-05-03 | 2 | -0/+16 | |
| | | | | | entries | |||||
| * | LDAP: Add helper routine to convert LDAP blob to SID string | Stephen Gallagher | 2012-05-03 | 5 | -68/+195 | |
| | | ||||||
| * | LDAP: Map the user's primaryGroupID | Stephen Gallagher | 2012-05-03 | 4 | -12/+69 | |
| | | ||||||
| * | LDAP: Enable looking up id-mapped groups by GID | Stephen Gallagher | 2012-05-03 | 1 | -2/+45 | |
| | | ||||||
| * | LDAP: Allow looking up ID-mapped groups by name | Stephen Gallagher | 2012-05-03 | 2 | -29/+125 | |
| | | ||||||
| * | LDAP: Enable looking up id-mapped users by UID | Stephen Gallagher | 2012-05-03 | 1 | -6/+43 | |
| | | ||||||
| * | LDAP: Allow automatically-provisioning a domain and range | Stephen Gallagher | 2012-05-03 | 1 | -3/+43 | |
| | | | | | | | | | If we get a user who is a member of a domain we haven't seen before, add a domain entry (auto-assigning its slice). Since we don't know the domain's real name, we'll just save the domain SID string as the name as well. | |||||
| * | LDAP: Add routine to extract domain SID from an object SID | Stephen Gallagher | 2012-05-03 | 2 | -0/+49 | |
| | | | | | Also makes the domain prefix macros from sss_idmap public. | |||||
| * | LDAP: Allow setting a default domain for id-mapping slice 0 | Stephen Gallagher | 2012-05-03 | 4 | -0/+42 | |
| | | ||||||
| * | LDAP: Add autorid compatibility mode | Stephen Gallagher | 2012-05-03 | 4 | -8/+17 | |
| | | ||||||
| * | LDAP: Enable looking up ID-mapped users by name | Stephen Gallagher | 2012-05-03 | 2 | -9/+55 | |
| | | ||||||
| * | LDAP: Initialize ID mapping when configured | Stephen Gallagher | 2012-05-03 | 2 | -0/+10 | |
| | | ||||||
| * | LDAP: Add ID mapping range settings | Stephen Gallagher | 2012-05-03 | 3 | -0/+9 | |
| | | ||||||
| * | LDAP: Add helper routines for ID-mapping | Stephen Gallagher | 2012-05-03 | 2 | -0/+334 | |
| | | ||||||
| * | LDAP: Add id-mapping option | Stephen Gallagher | 2012-05-03 | 3 | -0/+3 | |
| | | ||||||
| * | LDAP: Add objectSID config option | Stephen Gallagher | 2012-05-03 | 3 | -0/+10 | |
| | | ||||||
| * | Read sysdb attribute name, not LDAP attribute map name | Jakub Hrozek | 2012-05-03 | 1 | -2/+2 | |
| | | | | | https://fedorahosted.org/sssd/ticket/1320 | |||||
| * | SSH: Add dp_get_host_send to common responder code | Jakub Hrozek | 2012-05-03 | 3 | -30/+24 | |
| | | | | | | | | | Instead of using account_info request, creates a new ssh specific request. This improves code readability and will make the code more flexible in the future. https://fedorahosted.org/sssd/ticket/1176 | |||||
| * | Rename split_service_name_filter | Jakub Hrozek | 2012-05-03 | 1 | -16/+16 | |
| | | | | | | The function was used outside services code which was confusing due to its name. This patch renames it to sound more netrual. | |||||
| * | IPA: Check return values | Jakub Hrozek | 2012-05-03 | 2 | -2/+12 | |
| | | ||||||
| * | PROXY: return correct return codes | Jakub Hrozek | 2012-05-03 | 1 | -7/+9 | |
| | | | | | | We were reporting on the value of "status" instead of "ret'. We also didn't set ret to EOK in cases group contained no members. | |||||
| * | DP: return correct error message when subdomains back end target is not ↵ | Jakub Hrozek | 2012-05-02 | 1 | -1/+1 | |
| | | | | | | | configured The done handler uses the value of status, not ret. | |||||
| * | HBAC: Prevent NULL dereference in hbac_evaluate | Jakub Hrozek | 2012-05-02 | 1 | -2/+4 | |
| | | | | | 'info' is optional parameter and can be set to NULL | |||||
| * | ipa_get_config_send: remove unused assignment | Jakub Hrozek | 2012-05-02 | 1 | -1/+0 | |
| | | ||||||
| * | IPA netgroups: return EOK when there are no netgroups to process | Jakub Hrozek | 2012-05-02 | 1 | -0/+1 | |
| | | | | | If the code fell through the loop, ret would have been random value. | |||||
| * | LDAP: check return value of sysdb_attrs_get_el | Jakub Hrozek | 2012-05-02 | 1 | -0/+7 | |
| | | ||||||
| * | execv, excvp and exec_child never return EOK | Stef Walter | 2012-05-01 | 2 | -10/+6 | |
| | | | | | * So don't need to handle that case | |||||
| * | Utilize sysdb context within be_req in HBAC | Jan Zeleny | 2012-04-24 | 1 | -2/+2 | |
| | | ||||||
| * | Detect subdomain request in IPA access provider | Jan Zeleny | 2012-04-24 | 1 | -0/+10 | |
| | | ||||||
| * | Accept be_req instead if be_ctx in LDAP access provider | Jan Zeleny | 2012-04-24 | 3 | -15/+16 | |
| | | ||||||
| * | Carry sysdb context and domain info in be_req structure | Jan Zeleny | 2012-04-24 | 2 | -0/+5 | |
| | | ||||||
| * | Basic support for subdomains in auth provider | Jan Zeleny | 2012-04-24 | 3 | -3/+13 | |
| | | ||||||
| * | Add ID operations in subdomains | Jan Zeleny | 2012-04-24 | 3 | -0/+276 | |
| | | ||||||
| * | Add s2n extended operation | Sumit Bose | 2012-04-24 | 2 | -0/+667 | |
| | | ||||||
| * | Add domain name to get_account_info request | Sumit Bose | 2012-04-24 | 2 | -0/+10 | |
| | | ||||||
| * | IPA: Add get-domains target | Sumit Bose | 2012-04-24 | 6 | -0/+425 | |
| | | ||||||
| * | data provider: added subdomains | Sumit Bose | 2012-04-24 | 3 | -2/+167 | |
| | | ||||||
| * | Responder part of the subdomain retrieval work | Jan Zeleny | 2012-04-24 | 1 | -0/+1 | |
| | | ||||||
| * | Get the RootDSE after binding if not successfull before | Jakub Hrozek | 2012-04-20 | 1 | -26/+104 | |
| | | | | | https://fedorahosted.org/sssd/ticket/1258 | |||||
| * | Convert read and write operations to sss_atomic_read | Jakub Hrozek | 2012-04-20 | 3 | -78/+52 | |
| | | | | | https://fedorahosted.org/sssd/ticket/1209 | |||||
| * | sdap_check_aliases must not error when detects the same user | Jakub Hrozek | 2012-04-20 | 1 | -13/+31 | |
| | | | | | https://fedorahosted.org/sssd/ticket/1307 | |||||
| * | Free controls in sdap_rebind_proc | Jakub Hrozek | 2012-04-20 | 1 | -4/+6 | |
| | | ||||||
| * | proxy: new option proxy_fast_alias | Jakub Hrozek | 2012-04-20 | 3 | -43/+123 | |
| | | ||||||
| * | proxy: Canonicalize user and group names | Jakub Hrozek | 2012-04-20 | 1 | -312/+354 | |
| | | | | | https://fedorahosted.org/sssd/ticket/1249 | |||||
| * | Fixed minor memory leak in ldap provider | Jan Zeleny | 2012-04-18 | 1 | -0/+1 | |
| | | ||||||
| * | Fixed memory context in sdap_fill_memberships() | Jan Zeleny | 2012-04-18 | 1 | -1/+1 | |
| | | ||||||
 |
index : sssd.git | |
| sssd with jhrozek's patches | Jakub Hrozek |
| summaryrefslogtreecommitdiffstats |