summaryrefslogtreecommitdiffstats
path: root/ipa-server/xmlrpc-server/funcs.py
Commit message (Collapse)AuthorAgeFilesLines
* Service principal deletionRob Crittenden2008-01-111-0/+20
|
* Add function to retrieve a short list of attributes to make ipa-adddelegationRob Crittenden2008-01-041-0/+7
| | | | easier to use.
* In add_service_principal() don't let the user pass in the realm.Rob Crittenden2008-01-071-0/+4
| | | | This could result in a principal of the form: service/host@something@REALM
* Finishe removing previous code to fetch keytabsSimo Sorce2007-12-211-33/+0
|
* Make the old entry option in update_*, check for empty parameters andRob Crittenden2007-12-111-58/+222
| | | | fix some problems reported by pychecker.
* Enable searching for multiple things at onceRob Crittenden2007-12-111-1/+1
|
* Tie the logging module to 'PythonOption IPADebug' in /etc/httpd/conf.d/ipa.confRob Crittenden2007-12-111-5/+1
|
* Merge.Karl MacMillan2007-12-111-9/+159
|\
| * Remove some debugging statementsRob Crittenden2007-12-101-2/+0
| |
| * Make uid an editable field in the Edit UI so we can do RDN changesRob Crittenden2007-12-061-3/+6
| | | | | | | | | | | | | | Fix group RDN changes Remove a copy/paste error in the group UI update that caused 2 updates Fix variable name so groups don't get user objectclasses Remove color CSS for field backgrounds as they override disabled field display
| * Utilize user and group objectclass lists in cn=ipaconfigRob Crittenden2007-12-061-4/+22
| | | | | | | | Change the syntax on user and group objectclasses in cn=ipaconfig
| * Move dn removal to the XML-RPC side and remove empty attributesRob Crittenden2007-12-051-2/+23
| |
| * Add UI for service principal creation and keytab retrievalRob Crittenden2007-12-051-1/+72
| |
| * Phase 1 of allowing admins to set the default object classes for users & groupsRob Crittenden2007-12-041-0/+39
| | | | | | | | | | | | | | This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields.
* | mergeJohn Dennis2007-12-041-30/+63
|\|
| * Convert krbmaxpwdlife and krbminpwdlife from seconds into days and hoursRob Crittenden2007-12-031-5/+16
| |
| * Compatibility changes to work on RHEL 5 with python 2.4rcritten@redhat.com2007-11-301-5/+6
| |
| * Revert logging setup change because it has unintendedKarl MacMillan2007-12-031-3/+3
| | | | | | | | consequences during ipa-server-install.
| * Require that the default users group existsRob Crittenden2007-11-301-8/+19
| | | | | | | | Fix some copy-paste errors from the password policy update
| * Don't allow the admins or editors groups to be removed.Rob Crittenden2007-11-301-0/+10
| | | | | | | | Don't allow the default group for users to be removed.
| * Remove optional arguments from the XML-RPC interfaceRob Crittenden2007-11-291-15/+15
| |
* | fix merge errorJohn Dennis2007-11-291-44/+0
| |
* | merged radius work with latest mainline tipJohn Dennis2007-11-281-53/+409
|\|
| * Add xml-rpc interface for getting keytabs.Karl MacMillan2007-11-211-0/+67
| | | | | | | | Warning: this lacks any sort of authorization.
| * Generate master password from Simo.Karl MacMillan2007-11-211-3/+3
| |
| * Use groupOfNames and member, not groupOfUniqueNames and uniqueMemberSimo Sorce2007-11-201-16/+16
| |
| * Enable group inactivation by using the Class of Service plugin.Rob Crittenden2007-11-201-16/+88
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds 2 new groups: activated and inactivated. If you, or a group you are a member of, is in inactivated then you are too. If you, or a group you are a member of, is in the activated group, then you are too. In a fight between activated and inactivated, activated wins. The DNs for doing this matching is case and white space sensitive. The goal is to never have to actually set nsAccountLock in a user directly but move them between these groups. We need to decide where in the CLI this will happen. Right it is split between ipa-deluser and ipa-usermod. To inactivate groups for now just add the group to inactivate or active.
| * Implement the password policy UI and finish IPA policy UIRob Crittenden2007-11-161-55/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This includes a default password policy Custom fields are now read from LDAP. The format is a list of dicts with keys: label, field, required. The LDAP-based configuration now specifies: ipaUserSearchFields: uid,givenName,sn,telephoneNumber,ou,title ipaGroupSearchFields: cn,description ipaSearchTimeLimit: 2 ipaSearchRecordsLimit: 0 ipaCustomFields: ipaHomesRootDir: /home ipaDefaultLoginShell: /bin/sh ipaDefaultPrimaryGroup: ipausers ipaMaxUsernameLength: 8 ipaPwdExpAdvNotify: 4 This could use some optimization.
| * Use the dna plugin to automatically assign uidRob Crittenden2007-11-131-7/+14
| | | | | | | | | | Set gid to the group "ipausers" Add the user to this default group
| * Allow a user or group to change an attribute in its RDNRob Crittenden2007-11-121-4/+84
| | | | | | | | | | Add secretary to the list of indexes otherwise RDN changing could be slow Port --addattr, --setattr and --delattr from usermod to groupmod
| * Handle ldap.UNWILLING_TO_PERFORM more gracefullyRob Crittenden2007-11-091-1/+4
| |
* | add command line utilites for radius profilesJohn Dennis2007-11-261-5/+6
| |
* | Add radius profile implementations:John Dennis2007-11-211-25/+130
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | get_radius_profile_by_uid add_radius_profile update_radius_profile delete_radius_profile find_radius_profiles Rewrite command line arg handling, now support pair entry, interactive mode with auto completion, reading pairs from a file, better handling of mandatory values, better help, long arg names now match attribute name in pairs Establish mappings for all attributes and names used in clients and profiles Add notion of containers to radius clients and profiles in LDAP Move common code, variables, constants, and strings into the files radius_client.py, radius_util.py, ipautil.py to eliminate redundant elements which could get out of sync if modified and to provide access to other code which might benefit from using these items in the future. Add utility functions: format_list() parse_key_value_pairs() Add utility class: AttributeValueCompleter Unify attribute usage in radius ldap schema
* | add ipa-findradiusclient searchJohn Dennis2007-11-141-0/+31
| |
* | radius client modify and delete workJohn Dennis2007-11-141-5/+24
| |
* | ipa-addradiusclient now workingJohn Dennis2007-11-131-3/+19
| |
* | checkpoint radius client workJohn Dennis2007-11-131-0/+25
|\|
| * remove offensive use of rpmJohn Dennis2007-11-061-1/+1
| | | | | | | | add the radiusprofile to the list of objectclasses used when creating a user
* | remove offensive use of rpmJohn Dennis2007-11-061-1/+1
|/ | | | add the radiusprofile to the list of objectclasses used when creating a user
* Rename memberOf to group_members in xml-rpc interface.Karl MacMillan2007-10-311-1/+1
|
* Add memberOf API call to the XML-RPC interfaceRob Crittenden2007-10-301-0/+31
| | | | Make find-groups use memberOf to have a prettier dispaly of members
* Add delete user and group to webgui.Kevin McCarthy2007-10-231-3/+2
| | | | NOTE: this doesn't handle referential integrity.
* Add an LDAP attribute -> label mapping function to XML-RPC layerRob Crittenden2007-10-221-0/+11
| | | | Move some ACI functions around in preparation for cli delegation
* update_user and update_group need to be defined differently in orderRob Crittenden2007-10-221-2/+6
| | | | to be available to the XML-RPC interface
* Finish the email autosuggest.Kevin McCarthy2007-10-181-1/+10
| | | | | For now I've added a new API call. The field-specific searching is a ways off.
* Creates an update_entry api call, aliases update_user and update_group to it.Kevin McCarthy2007-10-151-6/+6
|
* Adds delegation listing and creation to the GUI.Kevin McCarthy2007-10-121-0/+9
|
* Remove buggy connection caching. Create a new connection for each LDAPRob Crittenden2007-10-121-36/+7
| | | | request.
* Add inetUser objectclass. Remove test-users ldif.Kevin McCarthy2007-10-111-3/+5
|
* Refactor the __get_entry into __get_base_entry and __get_sub_entry().Kevin McCarthy2007-10-111-11/+31
| | | | | The API needs to be thought about, but this is a quick fix w/minimal impact to allow get_entry_by_dn do work on non-leaf entries.
generated by cgit (git 2.34.1) at 2025-09-05 03:42:49 +0000