summaryrefslogtreecommitdiffstats
path: root/ipa-python
Commit message (Collapse)AuthorAgeFilesLines
* Move dn removal to the XML-RPC side and remove empty attributesRob Crittenden2007-12-051-3/+0
|
* Add UI for service principal creation and keytab retrievalRob Crittenden2007-12-052-0/+32
|
* Merge.Karl MacMillan2007-12-051-9/+7
|\
| * Fix errors with ipautil.CalledProcessError and cleanup some imports.Karl MacMillan2007-12-041-9/+7
| |
* | Phase 1 of allowing admins to set the default object classes for users & groupsRob Crittenden2007-12-041-0/+5
|/ | | | | | | This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields.
* Compatibility changes to work on RHEL 5 with python 2.4rcritten@redhat.com2007-11-301-1/+17
|
* Don't allow the admins or editors groups to be removed.Rob Crittenden2007-11-301-0/+15
| | | | Don't allow the default group for users to be removed.
* Add ipa-python to maintainer-clean and clean up .pyc filesRob Crittenden2007-11-281-0/+3
|
* Add xml-rpc interface for getting keytabs.Karl MacMillan2007-11-212-0/+31
| | | | Warning: this lacks any sort of authorization.
* Move packages to ipa from freeipa.Karl MacMillan2007-11-212-6/+12
|
* Bump the version numbers for release. Also removeKarl MacMillan2007-11-212-2/+2
| | | | | | specific version check on freeradius. Packages aren't available and the freeradius support isn't ready anyway.
* Generate master password from Simo.Karl MacMillan2007-11-211-0/+12
|
* Initial replication setup.Karl MacMillan2007-11-211-1/+1
| | | | | | | | | | | | | | | | | | | This add replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters. - tool for view / configuring current replication.
* Fix indentation error that occured in mergeRob Crittenden2007-11-211-11/+11
|
* Enable group inactivation by using the Class of Service plugin.Rob Crittenden2007-11-202-5/+67
| | | | | | | | | | | | | | | | | | | | This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
* Implement the password policy UI and finish IPA policy UIRob Crittenden2007-11-163-12/+104
| | | | | | | | | | | | | | | | | | This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
* Handle ldap.UNWILLING_TO_PERFORM more gracefullyRob Crittenden2007-11-091-0/+5
|
* Require uniqueness in the name/comment field of delegationsRob Crittenden2007-11-091-0/+10
| | | | | | Fix error reporting in the UI to include the detailed message Sort delegations by name when displaying them Update the name field from "Name" to "Delegation Name"
* Enable multi-value field support for some attributes on the edit pagesRob Crittenden2007-11-081-0/+5
| | | | | Better error reporting in the GUI Include a document describing how multi-valued fields work
* remove offensive use of rpmJohn Dennis2007-11-061-36/+0
| | | | add the radiusprofile to the list of objectclasses used when creating a user
* merge initial radius workJohn Dennis2007-11-031-0/+37
|
* Completely remove an attributeRob Crittenden2007-10-311-0/+5
|
* Bump versions for release.Karl MacMillan2007-11-013-10/+12
|
* Rename memberOf to group_members in xml-rpc interface.Karl MacMillan2007-10-312-4/+4
|
* Have the GUI use memberOf() instead of looping through the member DNsRob Crittenden2007-10-311-1/+8
| | | | Fix a bug in the local transport version of memberOf()
* Add memberOf API call to the XML-RPC interfaceRob Crittenden2007-10-302-0/+25
| | | | Make find-groups use memberOf to have a prettier dispaly of members
* Add delete user and group to webgui.Kevin McCarthy2007-10-232-5/+5
| | | | NOTE: this doesn't handle referential integrity.
* Cleanup freeipa-python requiresMark McLoughlin2008-02-212-8/+2
| | | | | | | | | | | | | | | | We don't need the elaborate python requires, since a requires for e.g. "python-abi = 2.5" is automatically added. We also don't need the elaborate build requires, since all it does is query the currently installed version of python and require that you have it's appropriate python-devel installed. But if python-devel is installed at all, this should hold true. (Also, IMHO the .spec files should be removed from mercurial since they are automatically generated) Signed-off-by: Mark McLouglin <markmc@redhat.com>
* Add an LDAP attribute -> label mapping function to XML-RPC layerRob Crittenden2007-10-223-0/+44
| | | | Move some ACI functions around in preparation for cli delegation
* Remove dependency between ipa-pyton and ipa-serverKarl MacMillan2007-10-191-8/+5
| | | | | | | Current ipa-python imports and calls code from ipaserver (which is in the ipa-server package). This makes it impossible to use the admin tools or the ipa-python package on a system without the server bits installed. This fixes that in a fairly minimal way.
* Finish the email autosuggest.Kevin McCarthy2007-10-182-1/+24
| | | | | For now I've added a new API call. The field-specific searching is a ways off.
* Require SSL for the XML-RPC interfaceRob Crittenden2007-10-192-2/+2
|
* Make distclean work againRob Crittenden2007-10-191-2/+2
|
* Fix build issues by combining patches submitted by Michael Gregg andRob Crittenden2007-10-179-38/+46
| | | | | Karl MacMillan Remove #!/usr/bin/python from many files to quiet rpmlint
* Use setup.py for ipa-python from William Jon McCann <mccann@jhu.edu>.Karl MacMillan2007-10-164-34/+97
|
* Add basic delegation editing.Kevin McCarthy2007-10-151-0/+15
|
* Creates an update_entry api call, aliases update_user and update_group to it.Kevin McCarthy2007-10-152-0/+20
|
* Adds delegation listing and creation to the GUI.Kevin McCarthy2007-10-124-8/+65
|
* This is a really simple (and dumb) ACI parser for the ACI's weKevin McCarthy2007-10-112-0/+211
| | | | will need in the delegation UI.
* Combine get_user/group by dn/cn into get_entry_by_cn/dn.Kevin McCarthy2007-10-092-61/+44
| | | | Also a couple double-escaping fixes I missed in the last patch.
* Fixes none values in first/last name to display properly.Kevin McCarthy2007-10-041-2/+2
|
* Trickle the group_cn to group_dn down the layers. Fix controller calls.Kevin McCarthy2007-10-032-32/+32
|
* Try to catch more error conditions during installationrcritten@redhat.com2007-10-031-0/+5
| | | | | | Modify the way we detect SELinux to use selinuxenabled instead of using a try/except. Handle SASL/GSSAPI authentication failures when getting a connection
* Patch to fix the installer crashing if selinux is disabled. Also changesmccann@jhu.edu2007-10-021-1/+1
| | | | | | | the exception to contain the complete command. Add a check to make sure installer is running as root. Add signal handler to detect a user-cancelled installation. Detect existing DS instances and prompt to remove them.
* Do group operations based on the group DN, not the CNrcritten@redhat.com2007-10-021-1/+16
| | | | | Add new class of errors for connections Raise an exception if a connection cannot be made due to missing ccache
* Rely more on kerberos.Simo Sorce2007-10-012-16/+32
| | | | | | | Don't read ipa.conf to get the realm, the kerberos libs do that for you. Use the krbPrincipalName to change passwords Make it possible to specify the principal at user creation. Mail is not a required attribute so far, don't require it.
* Add group management to the user edit page.Kevin McCarthy2007-09-282-0/+45
| | | | Added a couple more API calls to make the inverse operations easier.
* Make timelimit a parameter to the find methods.Kevin McCarthy2007-09-272-8/+8
|
* Install the web guiKarl MacMillan2007-09-281-1/+2
| | | | | | | | | | | | | | | | | | | Install the turbogears web gui including an init script. This patch includes a few related changes: * create a production configuration * rename the web gui startup scrip to ipa-webgui * add an init script * chkconfig on the ipa-webgui init script * make the start script properly daemonize the app when not in a development directory. * Install everything to the correct places (/usr/sbin/ipa-webgui and /usr/share/ipa/ipagui mainly). There are some things still left to do: * Sort out the logging - the config needs to be adjusted so that logging messages end up in /var/log.
* Misc small fixesKarl MacMillan2007-09-281-1/+1
| | | | | | | * Remove the rpmbuild tree with the dist-clean target. * Move ipa-server-setupssl from /usr/sbin to /usr/share/ipa * Check in requirement change for generated freeipa-python.spec * Fix interactive hostname in ipa-server-install.
generated by cgit (git 2.34.1) at 2025-09-03 20:48:57 +0000