summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add support for managing user auth typesNathaniel McCallum2013-11-085-10/+32
| | | | https://fedorahosted.org/freeipa/ticket/3368
* Turn LDAPEntry.single_value into a dictionary-like property.Jan Cholasta2013-11-0522-146/+152
| | | | | | This change makes single_value consistent with the raw property. https://fedorahosted.org/freeipa/ticket/3521
* Guard import of adtrustinstance for case without trustsAlexander Bokovoy2013-11-041-2/+8
| | | | https://fedorahosted.org/freeipa/ticket/4011
* Fix debug output in integration testPetr Viktorin2013-11-041-1/+1
| | | | | | Recent ipaldap work has made LDAPEntry incompatible with python-ldap's LDIFWriter. Convert entry to dict before printing debug output.
* ipatests: test_trust: use domain name instead of realm for user lookupsTomas Babej2013-11-011-3/+6
|
* ipatests: Add integration tests for legacy clientsTomas Babej2013-11-011-0/+261
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Use command -v instead of which in legacy client adviceTomas Babej2013-11-011-2/+2
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* Remove deprecated AllowLMhash configMartin Kosek2013-11-011-1/+1
| | | | | | | Remove this ipaConfigString value as LM hash is deprecated and in fact even insecure. https://fedorahosted.org/freeipa/ticket/3795
* Remove generation and handling of LM hashesSumit Bose2013-11-017-250/+74
| | | | https://fedorahosted.org/freeipa/ticket/3795
* Remove AllowLMhash from the allowed IPA config stringsSumit Bose2013-11-015-5/+3
| | | | Fixes https://fedorahosted.org/freeipa/ticket/3795
* Use encoded values from entry objects directly when adding new entries.Jan Cholasta2013-10-311-7/+1
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Use encoded values from entry objects directly when generating modlists.Jan Cholasta2013-10-311-33/+6
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Store encoded attribute values from search results directly in entry objects.Jan Cholasta2013-10-311-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Remove legacy toDict and origDataDict methods of LDAPEntry.Jan Cholasta2013-10-313-33/+9
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Make sure attributeTypes updates are done before objectClasses updates.Jan Cholasta2013-10-311-1/+4
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Decode and encode attribute values in LDAPEntry on demand.Jan Cholasta2013-10-312-28/+234
| | | | | | | | | | | This is achieved by storing both decoded and encoded attribute values in LDAPEntry and synchronizing changes between them whenever an attribute is accessed. Added a new property "raw" to LDAPEntry. It provides a dictionary-like object which can be used to directly access encoded attribute values. https://fedorahosted.org/freeipa/ticket/3521
* Always use lists for values in LDAPEntry internally.Jan Cholasta2013-10-312-2/+30
| | | | | | | Outside of LDAPEntry, it is still possible to use non-lists. Once we enforce lists for attribute values, this will be removed. https://fedorahosted.org/freeipa/ticket/3521
* Introduce IPASimpleLDAPObject.decode method for decoding LDAP values.Jan Cholasta2013-10-311-27/+31
| | | | | | | This method is intended as a counterpart of IPASimpleLDAPObject.encode and replaces IPASimpleLDAPObject.convert_value_list. https://fedorahosted.org/freeipa/ticket/3521
* Make LDAPEntry a wrapper around dict rather than a dict subclass.Jan Cholasta2013-10-311-68/+83
| | | | https://fedorahosted.org/freeipa/ticket/3521
* ipatests: Add support for extra roles referenced by a keywordTomas Babej2013-10-316-40/+158
| | | | | | | | | | | | | | | | | | Adds support for host definition by a environment variables of the following form: ROLE_<keyword>_envX, where X is the number of the environment for which host referenced by a role <keyword> should be defined. Adds a required_extra_roles attribute to the IntegrationTest class, which can test developer use to specify the extra roles that this particular test requires. If not all required extra roles are available, the test will be skipped. All extra (and static) roles are accessible to the IntegrationTests via the host_by_role method, which returns a host of given role. Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Do not use /usr/bin hardcoded pathsTomas Babej2013-10-311-6/+7
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Restore SELinux context after restoring files from backupTomas Babej2013-10-311-0/+12
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Extend clear_sssd_cache to support non-systemd platformsTomas Babej2013-10-311-6/+16
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* advice: Add legacy client configuration script using nss-ldapTomas Babej2013-10-311-1/+36
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* Remove ipa-pwd-extop and ipa-enrollment duplicate error stringsMartin Kosek2013-10-303-16/+22
| | | | | | | Some error strings were duplicate which makes it then harder to see what is the real root cause of it. https://fedorahosted.org/freeipa/ticket/3988
* Fix password expiration notificationPetr Vobornik2013-10-305-19/+137
| | | | | | - was broken by navigation and application controller refactoring https://fedorahosted.org/freeipa/ticket/4003
* beakerlib plugin: Don't try to submit logs if they are missingPetr Viktorin2013-10-301-0/+1
|
* Tests: mkdir_recursive: Don't fail when top-level directory doesn't existPetr Viktorin2013-10-301-4/+4
| | | | | | When the directory directly under root (e.g. /etc) did not exist, mkdir_recursive failed. Fix the issue.
* Improve permission plugin test cleanupPetr Viktorin2013-10-301-3/+5
| | | | | | | The rename tests use names that were not being cleaned up when the tests fail. Add cleanup steps for them. Also, use --force so system permissions are removed as well.
* Use new ipaldap entry API in aci and permission pluginPetr Viktorin2013-10-302-23/+27
|
* Help plugin: don't fail if a topic's module is not foundPetr Viktorin2013-10-301-3/+8
| | | | | | | | Previously the help plugin failed when searching for the docstring when a topic's module was not found. This can happen when some server plugins are loaded (e.g. for tests). Use empty documentation when the topic is not found.
* Fix invalid assumption NSS initialization check in SSLTransportPetr Viktorin2013-10-301-1/+3
| | | | | | There code assumes that the `conn` in any Connection in the context is a ServerProxy. This might not always be the case: ldap2 uses a python-ldap connection here.
* Fix indentation in permission plugin testsPetr Viktorin2013-10-301-44/+44
|
* Update Permission and ACI plugins to decorator registration APIPetr Viktorin2013-10-302-30/+24
|
* Add nsswitch.conf to FILES section of ipa-client-install man pageMartin Kosek2013-10-291-0/+1
| | | | | | This file is always updated when client is installed or uninstalled. https://fedorahosted.org/freeipa/ticket/3995
* Track DS certificate with certmonger on replicas.Jan Cholasta2013-10-292-2/+10
| | | | https://fedorahosted.org/freeipa/ticket/3975
* Add test for external CA installationAna Krivokapic2013-10-291-0/+107
| | | | https://fedorahosted.org/freeipa/ticket/3819
* Fix date in last changelog entryPetr Viktorin2013-10-251-1/+1
|
* Remove mod_ssl conflictMartin Kosek2013-10-255-10/+54
| | | | | | | | | | | Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one machine (of course, when listening to different ports). To make sure that mod_ssl is not configured to listen on 443 (default mod_ssl configuration), add a check to the installer checking of either mod_nss or mod_ssl was configured to listen on that port. https://fedorahosted.org/freeipa/ticket/3974
* Make set_directive and get_directive more strictMartin Kosek2013-10-251-2/+2
| | | | | | | | | | | When set_directive was used for directive "foo" and the word "foo" was detected anywhere on the line (e.g. in a comment, or in an example), it was overwritten which may potentially lead to wrong line being overwritten. Only match the directives on the beginning of the lines, it is safer. https://fedorahosted.org/freeipa/ticket/3974
* Do not add kadmin/changepw ACIs on new installsMartin Kosek2013-10-252-2/+0
| | | | | | | | | | | | These ACI were needed when FreeIPA had a custom ipa_kpasswd daemon, now that a standard kadmin is used, ACIs are not needed anymore as kadmin uses the same driver as the KDC. The ACIs is not removed on upgrades to avoid breaking older replicas which may still use FreeIPA version with the ipa_kpasswd daemon. https://fedorahosted.org/freeipa/ticket/3987
* Make sure nsds5ReplicaStripAttrs is set on agreementsAna Krivokapic2013-10-251-2/+1
| | | | | | | Add nsds5ReplicaStripAttrs to the agreement LDAP entry before the agreement is created. https://fedorahosted.org/freeipa/ticket/3989
* Do not roll back failed client installation on serverAna Krivokapic2013-10-251-0/+5
| | | | | | | | In case of a failed enrollment, IPA client rolls back any changes it has made to the system. In order to have a more debuggable setup, do not roll back these changes in the case of an IPA server install. https://fedorahosted.org/freeipa/ticket/3990
* trusts: Fix typo in error message for realm-domain mismatchTomas Babej2013-10-251-2/+2
|
* ipatests: Add AD integration test caseTomas Babej2013-10-251-0/+188
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Add AD-integration related tasksTomas Babej2013-10-243-5/+324
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Add WinHost classTomas Babej2013-10-241-0/+19
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Create util module for ipatestsTomas Babej2013-10-241-0/+60
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Extend IntegrationTest with multiple AD domain supportTomas Babej2013-10-241-10/+18
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Extend domain object with 'ad' role support and WinHostsTomas Babej2013-10-241-20/+25
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
generated by cgit (git 2.34.1) at 2025-09-03 06:18:47 +0000