summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Completely remove attributes when delattr argumentRob Crittenden2007-11-151-3/+10
|
* Use same labels as UI for ipa-finduser and ipa-findgroupRob Crittenden2007-11-152-5/+29
| | | | Add -a option to ipa-findgroup to print all attributes
* Replace references to Person and People with User and UsersRob Crittenden2007-11-159-25/+25
|
* Add memberof-task.ldif.Karl MacMillan2007-11-151-0/+7
|
* Check for existance of of the target file in update_file. It used to silentlyRob Crittenden2007-11-151-1/+6
| | | | fail if the file it was to update didn't exist.
* Broke invididual Requires and BuildRequires onto separate lines andRob Crittenden2007-11-152-14/+68
| | | | | | reordered them Added python-tgexpandingformwidget as a dependency Require at least fedora-ds-base 1.1
* If unable to connect to the XML-RPC server print a more useful error msg.Rob Crittenden2007-11-1513-20/+96
|
* Initialize memberof patch from Pete Rowley.Karl MacMillan2007-11-152-1/+16
|
* Remove reference to a bogus system and make the error message more genericRob Crittenden2007-11-141-1/+1
|
* Forgot to include FQDN in the substitition listRob Crittenden2007-11-131-1/+1
|
* Make the group cn an editable field though protected by default.Rob Crittenden2007-11-143-26/+26
| | | | Fix some issues with the multi-value to single-value reversion.
* Include multi-value fields on the Add Person pageRob Crittenden2007-11-147-117/+241
| | | | Remove multi-valued cn from groups
* Add an editors group. This is used to generally grant access for usersRob Crittenden2007-11-1410-47/+62
| | | | | | | | to edit other users (the Edit link won't appear otherwise). Additional delegation is need to grant permission to individual attributes. Update the failed login page to indicate that it is a permission issue. Don't allow access to policy at all for non-admins. By default users can only edit themselves.
* Initial implementation of policies support.Simo Sorce2007-11-132-104/+533
| | | | | | | | | | | | | | | | | | | This patch uses the kerberos schema policy, this is the same policy used by kadmin. While this patch allows for krbPwdPolicy objects anywhere the kldap module will make the kdc fail to provide tickets if the "krbPwdPolicyReference" points to any object that is not a child of cn=<REALM>,cn=kerberos,dc=.... To let us set policies anywhere in the tree I enabled the code to actually look at parent entries and the user entry itself and specify policies directly on these objects by adding the krbPwdPolicy objectclass to them (I know its structural but DS seem to allow multiple Structural classes on the same entry). The only side effect is that kadmin will not understand this, but we don't want to use kadmin anyway as it does not understand way too many things about the directory. I've tested a few scenarios and all seem working as expected, but further testing is welcome of course.
* Add more fields to the IPA Policy formRob Crittenden2007-11-134-1/+68
|
* Remove non-existent files from Makefile targetsRob Crittenden2007-11-132-2/+0
|
* Use the dna plugin to automatically assign uidRob Crittenden2007-11-131-7/+14
| | | | | Set gid to the group "ipausers" Add the user to this default group
* The e-mail field should not be required.Rob Crittenden2007-11-131-1/+1
|
* Restrict access to some parts of the UI to those in the admins groupRob Crittenden2007-11-134-14/+41
|
* Allow a user or group to change an attribute in its RDNRob Crittenden2007-11-127-19/+195
| | | | | Add secretary to the list of indexes otherwise RDN changing could be slow Port --addattr, --setattr and --delattr from usermod to groupmod
* Handle ldap.UNWILLING_TO_PERFORM more gracefullyRob Crittenden2007-11-092-1/+9
|
* Add the capability to completely delete a user from the database. TheRob Crittenden2007-11-092-6/+19
| | | | default remains to inactivate them.
* Don't continue if a kerberos credentials cache is not availableRob Crittenden2007-11-091-8/+8
| | | | | forked-model detection was incorrect. Both of these return an error instead of raising one
* Fix editing groups when cn is a single-valued fieldRob Crittenden2007-11-091-2/+4
| | | | Fix some error messages that were printing the entire detail message
* Require uniqueness in the name/comment field of delegationsRob Crittenden2007-11-095-7/+63
| | | | | | Fix error reporting in the UI to include the detailed message Sort delegations by name when displaying them Update the name field from "Name" to "Delegation Name"
* Underline columns on sort results page so users will know it is a linkRob Crittenden2007-11-121-0/+19
| | | | Restore the CSS to display the up/down arrow on sort columns
* Redirect to the FQDN otherwise kerberos auth may failRob Crittenden2007-11-121-2/+8
|
* Initial support for policy editingRob Crittenden2007-11-1213-2/+349
| | | | More work is needed as the values are currently hardcoded and not saved
* Enable multi-value field support for some attributes on the edit pagesRob Crittenden2007-11-0811-79/+477
| | | | | Better error reporting in the GUI Include a document describing how multi-valued fields work
* Allow setting of lib directory to correct non-rpm builds on x86_64.Karl MacMillan2007-11-131-4/+6
| | | | | | With this patch you will need to run: make autogen LIBDIR=/usr/lib64 Also works for 'make all'.
* Add posix auto gen for single master casePete Rowley2007-11-067-13/+106
|
* remove offensive use of rpmJohn Dennis2007-11-064-45/+25
| | | | add the radiusprofile to the list of objectclasses used when creating a user
* Update text to reflect new CSS code (sidebar now on right)Rob Crittenden2007-11-061-1/+1
|
* Introduce service base class and clean up ipa-server-installKarl MacMillan2007-11-0510-164/+306
| | | | | | | | | | | | 1) Add a base class for all of the instance objects. 2) Normalize usage of logging. 3) General cleanups of ipa-server-install. 4) Make better use of httpinstance. 5) Add webguiinstance. 6) Improve progress reporting during installation. Works Here (TM), but it would be nice to get someone else to test since this moves code around a bit.
* Prevent gzip from requesting confirmation.Karl MacMillan2007-11-051-2/+2
| | | | | | | The current manpage installation gzips the files in place and requests confirmation before overwriting existing files. Add -f to prevent prompting. We should consider not gzipping the files in place.
* Make it possible to force the running of autogen.Karl MacMillan2007-11-051-2/+6
| | | | | | | | | With the change to run autogen on make all if there was no makefile present, it became impossible to force the running of autogen when that is needed. Fix that by adding a bootstrap-autogen target that checks the existing of Makefiles and reverting the autogen target to always run autogen.
* merge initial radius workJohn Dennis2007-11-0310-22/+1043
|
* Enable referential integrity plugin.Karl MacMillan2007-11-052-0/+17
|
* define Self-Service as editting your own record.Rob Crittenden2007-11-023-4/+14
| | | | | This has the side-effect of removing the realm from Loggin in as. This can be changed by using user_name instead of display_name in master.kid.
* Distinguish between active and inactive users on the Find People page.Rob Crittenden2007-11-023-3/+25
|
* 'make all' needs to depend on autogen.sh but we don't want to re-run itRob Crittenden2007-11-021-3/+3
| | | | on every iteration. This lets the top-level 'make install' work properly.
* groups come back as a list where the first element is the number ofRob Crittenden2007-11-021-0/+1
| | | | groups returned. Skip that element.
* NTP configuration for client and server.Karl MacMillan2007-11-019-16/+213
| | | | | | | | Configure ipa servers as an ntp server and clients to (by default) us the ipa server as an ntp server. Also corrected the messages about which ports should be opened.
* Update the UI look and feelRob Crittenden2007-11-0134-411/+475
|
* Fix ticket #70Simo Sorce2007-11-011-3/+3
|
* Use proper method of retrieving attributesRob Crittenden2007-11-011-1/+1
|
* TurboGears log files and log rotationRob Crittenden2007-11-012-16/+29
| | | | | | | | | | | The error log is rotated weekly on Sunday. 4 backups are saved. The access log is not stored since it would be a duplicate of the Apache logs. It can be enabled if desired. Had to move the call to daemonize() in ipa-webgui so that the fork is done before TurboGears is initialized. Otherwise the log files end up getting closed.
* Completely remove an attributeRob Crittenden2007-10-311-0/+5
|
* Added tag milestone_4_1 for changeset 77f4aaa4e4bdKarl MacMillan2007-11-011-0/+1
|
* Removed tag mileston_4_1milestone_4_1Karl MacMillan2007-11-011-0/+1
|
generated by cgit (git 2.34.1) at 2025-09-08 04:41:26 +0000