freeipa.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Teach ipa-pwd-extop to respect global ipaUserAuthType settings	Nathaniel McCallum	2014-02-21	1	-127/+0
\| \| \| \| \| \|	https://fedorahosted.org/freeipa/ticket/4105 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
*	Harmonize policy discovery to kdb driver	Simo Sorce	2014-01-16	1	-89/+17
\| \| \| \| \| \| \| \| \| \| \|	The KDB driver does not walk the tree back like the original password plugin. Also we do not store the default policy in the base DN as we used to do in the past anymore. So doing a full subtree search and walking back the tree is just a waste of time. Instead hardcode the default policy like we do in the kdb driver. Fixes: https://fedorahosted.org/freeipa/ticket/4085
*	Remove generation and handling of LM hashes	Sumit Bose	2013-11-01	1	-13/+1
\| \| \| \|	https://fedorahosted.org/freeipa/ticket/3795
*	Administrative password change does not respect password policy	Martin Kosek	2013-10-17	1	-15/+29
\| \| \| \| \| \| \| \| \|	When Directory Manager or a PassSync agent is changing a password, it is not being expired, but standard expiration time should apply. However, default expiration time was always applied (90 days) even though administrator may have a custom policy for the user. https://fedorahosted.org/freeipa/ticket/3968
*	Add OTP support to ipa-pwd-extop	Nathaniel McCallum	2013-05-17	1	-0/+130
\| \| \| \| \| \| \| \| \|	During LDAP bind, this now plugin determines if a user is enabled for OTP authentication. If so, then the OTP is validated in addition to the password. This allows 2FA during user binds. https://fedorahosted.org/freeipa/ticket/3367 http://freeipa.org/page/V3/OTP
*	Remove unnecessary prefixes from ipa-pwd-extop files	Nathaniel McCallum	2013-05-17	1	-0/+1107