| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
get_radius_profile_by_uid
add_radius_profile
update_radius_profile
delete_radius_profile
find_radius_profiles
Rewrite command line arg handling, now support pair entry, interactive
mode with auto completion, reading pairs from a file, better handling
of mandatory values, better help, long arg names now match attribute
name in pairs
Establish mappings for all attributes and names used in clients and
profiles
Add notion of containers to radius clients and profiles in LDAP
Move common code, variables, constants, and strings into the files
radius_client.py, radius_util.py, ipautil.py to eliminate redundant
elements which could get out of sync if modified and to provide access
to other code which might benefit from using these items in the
future.
Add utility functions:
format_list()
parse_key_value_pairs()
Add utility class:
AttributeValueCompleter
Unify attribute usage in radius ldap schema
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| | |
| |
| |
| | |
add the radiusprofile to the list of objectclasses used when creating a user
|
| | | |
|
| | | |
|
| | | |
|
| |/
|
|
| |
add the radiusprofile to the list of objectclasses used when creating a user
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1) Add a base class for all of the instance objects.
2) Normalize usage of logging.
3) General cleanups of ipa-server-install.
4) Make better use of httpinstance.
5) Add webguiinstance.
6) Improve progress reporting during installation.
Works Here (TM), but it would be nice to get someone else
to test since this moves code around a bit.
|
| | |
|
| | |
|
| |
|
|
|
| |
This has the side-effect of removing the realm from Loggin in as. This
can be changed by using user_name instead of display_name in master.kid.
|
| | |
|
| |
|
|
| |
groups returned. Skip that element.
|
| |
|
|
|
|
|
|
| |
Configure ipa servers as an ntp server and clients
to (by default) us the ipa server as an ntp server.
Also corrected the messages about which ports should
be opened.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The error log is rotated weekly on Sunday. 4 backups are saved.
The access log is not stored since it would be a duplicate of the
Apache logs. It can be enabled if desired.
Had to move the call to daemonize() in ipa-webgui so that the
fork is done before TurboGears is initialized. Otherwise the log
files end up getting closed.
|
| | |
|
| |
|
|
|
|
| |
This is necessary for services that need to be able to respond
to requests from client that acquired a service ticket just before
a password change.
|
| | |
|
| |
|
|
| |
Fix a bug in the local transport version of memberOf()
|
| |
|
|
| |
Make find-groups use memberOf to have a prettier dispaly of members
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
http://hostname/config so users can point their MIT client at the IPA
server and automatically fetch the configuration.
|
| |
|
|
| |
NOTE: this doesn't handle referential integrity.
|
| | |
|
| |
|
|
|
|
| |
user -> user_fields
group -> group_fields
delegate -> delegate_fields
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a couple of buglets with read_ip_address():
1) It writes host_name to /etc/hosts, but isn't currently
being passed host_name
2) It doesn't return the IP address even though the caller
expects it
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
| |
|
|
| |
Ignore errors if setsebool fails and print a warning.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
After looking into setting up ntpd on the IPA servers I decided it
was better just to warn admins. There are just too many valid setups
for time synchronization for us to try to get this right. Additionally,
just installing ntp and accepting the default config will result in
a configuration that is perfectly valid for IPA.
This patch checks if ntpd is running and suggests enabling it if it
is not - for client and server. It also adds some suggested next
steps to the server installation.
|
| | |
|
| | |
|
| |
|
|
| |
Move some ACI functions around in preparation for cli delegation
|
| |
|
|
| |
to be available to the XML-RPC interface
|
| | |
|
| |
|
|
|
|
|
| |
Current ipa-python imports and calls code from ipaserver (which is in
the ipa-server package). This makes it impossible to use the admin
tools or the ipa-python package on a system without the server bits
installed. This fixes that in a fairly minimal way.
|
| |
|
|
|
| |
For now I've added a new API call. The field-specific searching is
a ways off.
|
| |
|
|
| |
using mod_nss with mod_proxy.
|
| | |
|
| |
|
|
|
|
|
| |
The use of a uuid for the DS instance name is overkill and it is a real
pain. This patch will use ipa-realm-name instead (resulting in something
like slapd-EXAMPLE-COM). All periods are converted to "-" because the DS
can't handle periods in server ids.
|
| | |
|
