summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Move dn removal to the XML-RPC side and remove empty attributesRob Crittenden2007-12-052-5/+23
|
* Notify the user when the search results have been truncatedRob Crittenden2007-12-052-0/+6
|
* Add UI for service principal creation and keytab retrievalRob Crittenden2007-12-0512-2/+498
|
* Merge.Karl MacMillan2007-12-052-47/+44
|\
| * Fix errors with ipautil.CalledProcessError and cleanup some imports.Karl MacMillan2007-12-042-47/+44
| |
* | Phase 1 of allowing admins to set the default object classes for users & groupsRob Crittenden2007-12-049-55/+248
|/ | | | | | | This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields.
* Groups may be iterated over so should be an empty list, not NoneRob Crittenden2007-12-051-1/+1
|
* Convert krbmaxpwdlife and krbminpwdlife from seconds into days and hoursRob Crittenden2007-12-032-7/+18
|
* Fix client installation toolSimo Sorce2007-12-041-2/+4
|
* Increase default max password lifetime from 10 to 90 daysRob Crittenden2007-12-031-1/+1
|
* Update build requires for libcap.Karl MacMillan2007-12-031-0/+2
|
* Improved ACIsSimo Sorce2007-11-301-9/+12
|
* minor typosSimo Sorce2007-11-302-2/+8
|
* Compatibility changes to work on RHEL 5 with python 2.4rcritten@redhat.com2007-11-3013-35/+51
|
* Min Pwd Change Time Check after Password reset and other minor fixesSimo Sorce2007-11-302-26/+34
|
* Revert logging setup change because it has unintendedKarl MacMillan2007-12-031-3/+3
| | | | consequences during ipa-server-install.
* Require that the default users group existsRob Crittenden2007-11-302-10/+21
| | | | Fix some copy-paste errors from the password policy update
* Don't allow the admins or editors groups to be removed.Rob Crittenden2007-11-302-0/+25
| | | | Don't allow the default group for users to be removed.
* delete_group() takes a DN, not a CN. Also do slightly better error reporting.Rob Crittenden2007-11-301-1/+13
|
* Remove optional arguments from the XML-RPC interfaceRob Crittenden2007-11-291-15/+15
|
* Change the password expiration message to be more precise.Rob Crittenden2007-11-292-4/+4
|
* Add utility to lock user accounts. Remove lock capability from ipa-deluserRob Crittenden2007-11-267-25/+147
| | | | | Fix bootstrap.ldif to add new Class of Service entries properly Include some man pages that weren't being installed
* Add ipa-python to maintainer-clean and clean up .pyc filesRob Crittenden2007-11-2815-0/+17
|
* Remove unnecessary attribute left over from testingRob Crittenden2007-11-261-1/+0
|
* Fix mode on ipa-keytab-util.Karl MacMillan2007-11-212-2/+4
|
* Add ipa-keytab-util to spec.Karl MacMillan2007-11-212-0/+2
|
* Add xml-rpc interface for getting keytabs.Karl MacMillan2007-11-2113-4/+524
| | | | Warning: this lacks any sort of authorization.
* Move packages to ipa from freeipa.Karl MacMillan2007-11-219-53/+77
|
* Bump the version numbers for release. Also removeKarl MacMillan2007-11-219-23/+23
| | | | | | specific version check on freeradius. Packages aren't available and the freeradius support isn't ready anyway.
* Generate master password from Simo.Karl MacMillan2007-11-214-27/+17
|
* Added replication.pyKarl MacMillan2007-11-211-0/+316
|
* Initial replication setup.Karl MacMillan2007-11-2114-253/+705
| | | | | | | | | | | | | | | | | | | This add replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters. - tool for view / configuring current replication.
* more s/unique// wrt groups members/objectclassesSimo Sorce2007-11-212-3/+3
|
* Use groupOfNames and member, not groupOfUniqueNames and uniqueMemberSimo Sorce2007-11-203-21/+21
|
* Fix subtle errors in kpasswdSimo Sorce2007-11-201-25/+73
|
* Use same tzinfo as the time parser to avoid TypeError from being thrownRob Crittenden2007-11-211-1/+1
|
* Fix indentation error that occured in mergeRob Crittenden2007-11-211-11/+11
|
* Enable group inactivation by using the Class of Service plugin.Rob Crittenden2007-11-2015-44/+301
| | | | | | | | | | | | | | | | | | | | This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
* Fix bad segfault when pwvals is nullSimo Sorce2007-11-191-34/+24
|
* Remove default SASL mappings if any to avoid conflicts with IPA SASL mappingsSimo Sorce2007-11-191-0/+19
|
* fix ldif typoSimo Sorce2007-11-191-1/+0
|
* Minor fixes.Karl MacMillan2007-11-193-3/+2
|
* Add pyasn1 requirement to rpms.Karl MacMillan2007-11-192-0/+2
|
* Fix installationSimo Sorce2007-11-184-0/+41
| | | | | Add missing schema for GUI Config, and missing objectclass for cn=accounts container
* Merge upstream and fix bad suffix in default-aciSimo Sorce2007-11-1826-197/+690
|\
| * - Set correct values in ipa.conf during client install so that admin tools canSimo Sorce2007-11-161-0/+15
| | | | | | | | | | | | | | | | reach the xml-rpc server. - Assume the kdc/ldap server == xml-rpc server for v1. Initial code to read the Kerberos Master Key from the Directory
| * - Report correct information back to users when policies prevent a successfulSimo Sorce2007-11-161-43/+202
| | | | | | | | | | | | | | password change. - Fix some minor error Initial code to read the Kerberos Master Key from the Directory
| * Small fix from Rob to pwd-extop-pluginKarl MacMillan2007-11-171-1/+1
| |
| * - Store Master Key in Ldap (Makes it easier to set up replicas)Simo Sorce2007-11-164-183/+502
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Does not require dirsrv access to stash file - Finalize password history support - Fix strict password length default in pwd_extop (fix install sctript too) - fix plugin configuration - Introduce 3 kind of password change: normal, admin, and ds manager - normal require adherence to policies - admin does not but password is immediately expired - ds manager can just change the password any way he likes. Initial code to read the Kerberos Master Key from the Directory
| * Implement the password policy UI and finish IPA policy UIRob Crittenden2007-11-1614-156/+610
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
generated by cgit (git 2.34.1) at 2025-09-04 02:40:12 +0000