summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Forgot to include FQDN in the substitition listRob Crittenden2007-11-131-1/+1
| |
| * Make the group cn an editable field though protected by default.Rob Crittenden2007-11-143-26/+26
| | | | | | | | Fix some issues with the multi-value to single-value reversion.
| * Include multi-value fields on the Add Person pageRob Crittenden2007-11-147-117/+241
| | | | | | | | Remove multi-valued cn from groups
| * Add an editors group. This is used to generally grant access for usersRob Crittenden2007-11-1410-47/+62
| | | | | | | | | | | | | | | | to edit other users (the Edit link won't appear otherwise). Additional delegation is need to grant permission to individual attributes. Update the failed login page to indicate that it is a permission issue. Don't allow access to policy at all for non-admins. By default users can only edit themselves.
| * Initial implementation of policies support.Simo Sorce2007-11-132-104/+533
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch uses the kerberos schema policy, this is the same policy used by kadmin. While this patch allows for krbPwdPolicy objects anywhere the kldap module will make the kdc fail to provide tickets if the "krbPwdPolicyReference" points to any object that is not a child of cn=<REALM>,cn=kerberos,dc=.... To let us set policies anywhere in the tree I enabled the code to actually look at parent entries and the user entry itself and specify policies directly on these objects by adding the krbPwdPolicy objectclass to them (I know its structural but DS seem to allow multiple Structural classes on the same entry). The only side effect is that kadmin will not understand this, but we don't want to use kadmin anyway as it does not understand way too many things about the directory. I've tested a few scenarios and all seem working as expected, but further testing is welcome of course.
| * Add more fields to the IPA Policy formRob Crittenden2007-11-134-1/+68
| |
| * Remove non-existent files from Makefile targetsRob Crittenden2007-11-132-2/+0
| |
| * Use the dna plugin to automatically assign uidRob Crittenden2007-11-131-7/+14
| | | | | | | | | | Set gid to the group "ipausers" Add the user to this default group
| * The e-mail field should not be required.Rob Crittenden2007-11-131-1/+1
| |
| * Restrict access to some parts of the UI to those in the admins groupRob Crittenden2007-11-134-14/+41
| |
| * Allow a user or group to change an attribute in its RDNRob Crittenden2007-11-127-19/+195
| | | | | | | | | | Add secretary to the list of indexes otherwise RDN changing could be slow Port --addattr, --setattr and --delattr from usermod to groupmod
| * Handle ldap.UNWILLING_TO_PERFORM more gracefullyRob Crittenden2007-11-092-1/+9
| |
| * Add the capability to completely delete a user from the database. TheRob Crittenden2007-11-092-6/+19
| | | | | | | | default remains to inactivate them.
| * Don't continue if a kerberos credentials cache is not availableRob Crittenden2007-11-091-8/+8
| | | | | | | | | | forked-model detection was incorrect. Both of these return an error instead of raising one
| * Fix editing groups when cn is a single-valued fieldRob Crittenden2007-11-091-2/+4
| | | | | | | | Fix some error messages that were printing the entire detail message
| * Require uniqueness in the name/comment field of delegationsRob Crittenden2007-11-095-7/+63
| | | | | | | | | | | | Fix error reporting in the UI to include the detailed message Sort delegations by name when displaying them Update the name field from "Name" to "Delegation Name"
| * Underline columns on sort results page so users will know it is a linkRob Crittenden2007-11-121-0/+19
| | | | | | | | Restore the CSS to display the up/down arrow on sort columns
| * Redirect to the FQDN otherwise kerberos auth may failRob Crittenden2007-11-121-2/+8
| |
| * Initial support for policy editingRob Crittenden2007-11-1213-2/+349
| | | | | | | | More work is needed as the values are currently hardcoded and not saved
| * Enable multi-value field support for some attributes on the edit pagesRob Crittenden2007-11-0811-79/+477
| | | | | | | | | | Better error reporting in the GUI Include a document describing how multi-valued fields work
| * Allow setting of lib directory to correct non-rpm builds on x86_64.Karl MacMillan2007-11-131-4/+6
| | | | | | | | | | | | With this patch you will need to run: make autogen LIBDIR=/usr/lib64 Also works for 'make all'.
* | fix regular expression used in parse_key_value_pairs()John Dennis2007-11-271-1/+1
| |
* | bug fixesJohn Dennis2007-11-274-14/+11
| |
* | checkpoint bug fixing and cleanup of command line radius toolsJohn Dennis2007-11-274-124/+185
| |
* | do a better job of handling attribute deletionJohn Dennis2007-11-273-73/+53
| |
* | checkpoint work to add attribute deletionJohn Dennis2007-11-271-84/+164
| |
* | add parse_items(), read_items_file()John Dennis2007-11-266-20/+37
| | | | | | | | move read_pairs_file() to ipautil
* | add ItemCompleter classJohn Dennis2007-11-261-1/+101
| |
* | add command line utilites for radius profilesJohn Dennis2007-11-269-13/+693
| |
* | remove radius_client.py, move contents to radius_util.pyJohn Dennis2007-11-267-178/+155
| |
* | checkpoint radius client add,modify,find,del working, command line args ↵John Dennis2007-11-263-1/+3
| | | | | | | | handled correctly
* | clean up attribute namesjdennis@VAIO2007-11-245-54/+59
| | | | | | | | clean up command line args in ipa-delradiusclient
* | clean up radius client command line toolsJohn Dennis2007-11-234-78/+140
| |
* | Add radius profile implementations:John Dennis2007-11-2113-235/+950
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | get_radius_profile_by_uid add_radius_profile update_radius_profile delete_radius_profile find_radius_profiles Rewrite command line arg handling, now support pair entry, interactive mode with auto completion, reading pairs from a file, better handling of mandatory values, better help, long arg names now match attribute name in pairs Establish mappings for all attributes and names used in clients and profiles Add notion of containers to radius clients and profiles in LDAP Move common code, variables, constants, and strings into the files radius_client.py, radius_util.py, ipautil.py to eliminate redundant elements which could get out of sync if modified and to provide access to other code which might benefit from using these items in the future. Add utility functions: format_list() parse_key_value_pairs() Add utility class: AttributeValueCompleter Unify attribute usage in radius ldap schema
* | map attrs to friendly nameJohn Dennis2007-11-142-4/+11
| |
* | add ipa-findradiusclient searchJohn Dennis2007-11-146-0/+157
| |
* | radius client modify and delete workJohn Dennis2007-11-149-18/+307
| |
* | move radius client utility code to common radius_client.py so it can be sharedJohn Dennis2007-11-132-98/+132
| |
* | ipa-addradiusclient now workingJohn Dennis2007-11-138-16/+59
| |
* | checkpoint radius client workJohn Dennis2007-11-1316-14/+424
|\|
| * Add posix auto gen for single master casePete Rowley2007-11-067-13/+106
| |
| * remove offensive use of rpmJohn Dennis2007-11-064-45/+25
| | | | | | | | add the radiusprofile to the list of objectclasses used when creating a user
| * Update text to reflect new CSS code (sidebar now on right)Rob Crittenden2007-11-061-1/+1
| |
* | add aci's for radiusJohn Dennis2007-11-101-1/+2
| |
* | radius now does kerberos auth, reads client entries from LDAPJohn Dennis2007-11-104-11/+81
| |
* | remove offensive use of rpmJohn Dennis2007-11-064-45/+25
|/ | | | add the radiusprofile to the list of objectclasses used when creating a user
* Introduce service base class and clean up ipa-server-installKarl MacMillan2007-11-0510-164/+306
| | | | | | | | | | | | 1) Add a base class for all of the instance objects. 2) Normalize usage of logging. 3) General cleanups of ipa-server-install. 4) Make better use of httpinstance. 5) Add webguiinstance. 6) Improve progress reporting during installation. Works Here (TM), but it would be nice to get someone else to test since this moves code around a bit.
* Prevent gzip from requesting confirmation.Karl MacMillan2007-11-051-2/+2
| | | | | | | The current manpage installation gzips the files in place and requests confirmation before overwriting existing files. Add -f to prevent prompting. We should consider not gzipping the files in place.
* Make it possible to force the running of autogen.Karl MacMillan2007-11-051-2/+6
| | | | | | | | | With the change to run autogen on make all if there was no makefile present, it became impossible to force the running of autogen when that is needed. Fix that by adding a bootstrap-autogen target that checks the existing of Makefiles and reverting the autogen target to always run autogen.
* merge initial radius workJohn Dennis2007-11-0310-22/+1043
|
generated by cgit (git 2.34.1) at 2025-09-06 06:41:09 +0000