summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* We are really changing the kerberos principal key and not the password whenRob Crittenden2008-03-246-49/+49
| | | | | | | | | | we do updates, so use the right terminology internally. Also fix the actual field we update (and grant permission appropriately in delegations). The DS password handles updating userPassword and any Samba passwords as necessary. 438256
* Start ntpd after FDS so that the ntp user can be found.Rob Crittenden2008-03-241-2/+2
| | | | | | | Start httpd after ipa_webgui becuse otherwise mod_proxy may not like it if it can't connect to the UI listening port 438090
* Allow client install to specify ntp server nameSimo Sorce2008-03-141-1/+6
|
* Allow the realm to be included in the name passed to add_service_principal()Rob Crittenden2008-03-172-3/+11
| | | | | | | This is more kerberos-like and it doesn't hurt anything, we just won't allow realms other than our own to be used. 437566
* Don't define bogus realm/server in configuration file by defaultRob Crittenden2008-03-1720-4/+58
| | | | | | | Add default exception handler to avoid backtraces in cmdline tools Enhance error message when the IPA server or realm can't be found 437565
* Adding items to the set needs to be lower case to prevent duplicates.Rob Crittenden2008-03-101-1/+1
| | | | | | | This function was assuming that the target list was all lower-case so the set could end up with duplicate values which would get kicked out by LDAP. 433680
* Remove ACI that was causing RDN changes to failRob Crittenden2008-03-102-5/+1
| | | | | | Fix for session code so RDN change can succeed 433523
* Add ability to initialize a replication agreementRob Crittenden2008-03-073-51/+73
| | | | | | | | Add ability to force a synch to occur Clean up a lot of unused code in ipaldap.py. This lets us do a simple bind without being root (it used to try to read dse.ldif) 436237
* Verify that the hostname is correct in /etc/hostsRob Crittenden2008-03-062-3/+32
| | | | | | Don't ignore exceptions when getting the hostname from the user 433515
* Fix build breakage. We now provide a man file, need to specify location to rpmRob Crittenden2008-03-112-2/+2
|
* Add --quiet option to ipa-getkeytabSimo Sorce2008-03-052-9/+32
| | | | | | Return message on success Avoid SASL output from being printed Make sure the man page is up to date
* Prevent server and domain from being undefined or blank when we need themRob Crittenden2008-03-052-11/+19
| | | | | | | Improve LDAP error reporting Don't return the str() of discovery values because it can return "None" 436130
* Use standard size and alignment for the packed data so it works on 64-bit hostsRob Crittenden2008-03-061-1/+1
|
* Remove some duplicate id's that are not valid HTMLRob Crittenden2008-03-053-5/+2
| | | | | Remove the footer. It was a leftover from the original TurboGears-generated project that Kevin McCarthy had modified.
* Remove the ability for the average user to add/delete groups on user edit pageRob Crittenden2008-03-041-3/+3
| | | | | | | If they have any delegations at all (are in editors group) they will have these links. 433387
* Filter out K/M and krbtgt principals from the service principals list.Rob Crittenden2008-03-031-2/+3
| | | | 435713
* Require that the hostname is a DNS A record and that the forward and reverseRob Crittenden2008-03-032-0/+22
| | | | | | match. 433515
* Allow python to look in /usr/sbin for ipa_webguiRob Crittenden2008-03-041-0/+4
| | | | 429999
* KDC is Key Distribution Center, not Kerberos Domain ControllerRob Crittenden2008-03-041-1/+1
| | | | 435949
* Fix boot.ldif generation, the domain name component must be derivedSimo Sorce2008-03-041-1/+1
| | | | | from the realm not the domain. One line fix.
* Fix build breakage.Rob Crittenden2008-03-031-1/+1
|
* Close all fds when running another program. This fixes the SELinux AVCs.Rob Crittenden2008-03-033-3/+4
| | | | | | Put installation log files into /var/log. 430024
* Do argument type checking in the XML-RPC interfaceRob Crittenden2008-02-292-60/+154
| | | | | Fix error in service principals where the service wasn't being removed before doing the DNS lookup.
* Add small script to start/stop all of the services that IPA requires in theRob Crittenden2008-02-284-2/+68
| | | | | | proper order. 435026
* Allow groups to be added as a group membeRob Crittenden2008-02-282-7/+39
| | | | 435134
* Make sure all entries are generated by us according to IPASimo Sorce2008-02-283-9/+22
| | | | | default tree. This patch make sure that the DS setup script does not add unwanted entries.
* Fixed the way we call ipa-client-install from ipa-replica-install.Nathan Kinder2008-02-281-1/+1
| | | | 434980
* Fix off-by-one error in the number of steps to install a serviceRob Crittenden2008-02-281-1/+1
|
* Add action statement to ldap.conf updateRob Crittenden2008-02-271-15/+15
| | | | | Move imports into try/except so that ctrl-C can always be caught Fix typo
* In the UI we don't want to display Edit links unless someone can actuallyRob Crittenden2008-02-276-16/+121
| | | | | | | | | | | | edit things. We use the 'editors' group for this. This group itself grants no permission other than displaying certain things in the UI. In order to be in the editors group a user must be a member of a group that is the source group in a delegation. The memberof plugin will do all the hard work to be sure that a user's memberof contains cn=editors if they are in a delegated group. 432874
* - Centralize try/except so the entire program is covered. This make itRob Crittenden2008-02-2719-1034/+1136
| | | | | | | possible to catch KeyboardInterrupt during the import process. - Add function for handling python differences with GSSError 434798
* Don't log passwords in ipaserver-install.logRob Crittenden2008-02-261-2/+4
| | | | 433509
* The admins group cannot be renamed.Rob Crittenden2008-02-272-0/+8
| | | | 433880
* Use correct variable for determining the host nameRob Crittenden2008-02-261-1/+1
| | | | 435055
* Require that service principals resolve to a DNS A record.Rob Crittenden2008-02-267-11/+45
| | | | | | There is a --force option for those who know what they are doing. 433483
* Don't try to use options.realm_name unless it was passed inRob Crittenden2008-02-261-6/+15
| | | | | | | Don't allow empty responses to domain and realm name Handle ctrl-C 434982
* Add failover to the XML-RPC clientRob Crittenden2008-02-224-11/+38
| | | | 433506
* Contribute, RHEL4 compatible, simple setup scriptSimo Sorce2008-02-262-0/+802
|
* Use the label "Full Name" for "Common Name"Rob Crittenden2008-02-262-2/+2
| | | | 433525
* We do not require the Master password anymore, fix code and error messageSimo Sorce2008-02-251-4/+3
|
* Fix unattended installSimo Sorce2008-02-251-20/+23
|
* Compress man pages after installationRob Crittenden2008-02-251-0/+2
|
* Move ipa-getkeytab man page into proper subdirRob Crittenden2008-02-257-8/+21
| | | | 433878
* Don't allow a group to be a member of itself.Rob Crittenden2008-02-222-1/+10
| | | | 434542
* Command-line utility to manage password policyRob Crittenden2008-02-255-1/+195
| | | | 432814
* Remove HTML from Javascript error message and fix up language to be clearerRob Crittenden2008-02-221-1/+1
| | | | 433374
* Make sure KrbPrincipalName is unique server-wideRob Crittenden2008-02-211-0/+35
| | | | Fix the build. Somehow this file didn't get committed.
* Make sure KrbPrincipalName is unique server-wideSimo Sorce2008-02-212-0/+5
|
* Syntax error, ')' in the worng place throws nasty 500 errors on ldap errors :)Simo Sorce2008-02-211-1/+1
|
* Remove reference to wrong commandRob Crittenden2008-02-211-5/+5
| | | | | | Clean up language around automatically appending the Kerberos realm 433800
generated by cgit (git 2.34.1) at 2025-09-05 17:04:13 +0000