sssd.git/server/confdb, branch ipa_provider_n2 Unnamed repository; edit this file to name it for gitweb. Add offline_timeout option 2009-12-09T13:03:48+00:00 Sumit Bose sbose@redhat.com 2009-11-20T14:07:37+00:00 869a7a600be21a2a2a319ce354cf31e45656ad22 






Make the password field configurable in NSS
2009-11-18T22:35:10+00:00

Jakub Hrozek
jhrozek@redhat.com

2009-11-09T17:38:09+00:00

15dc6329c159e3f03e25cc18a49681e0f4be9c51

Per the discussion on sssd-devel list, nss_sss should not return a
hardcoded value but this should rather be configurable to allow whatever
the OS or distribution thinks is the best for the particular case.

Fixes: #266





Per the discussion on sssd-devel list, nss_sss should not return a
hardcoded value but this should rather be configurable to allow whatever
the OS or distribution thinks is the best for the particular case.

Fixes: #266







Fix option name krb5_changepw_principal
2009-11-13T12:20:06+00:00

Sumit Bose
sbose@redhat.com

2009-11-12T09:54:23+00:00

0922a8897a6ae1ce7b7c994df0a5cb99c36bfd9c












Update midpoint refresh logic to be relative to cache timeout
2009-11-05T19:55:19+00:00

Stephen Gallagher
sgallagh@redhat.com

2009-11-05T16:23:06+00:00

ea95b9ecd144423cd70d3790c97a3e7277fa9d02












Move responsibility for entry expiration timeout
2009-10-27T14:42:12+00:00

Simo Sorce
ssorce@redhat.com

2009-10-24T17:36:34+00:00

3a21103f61bf9b60256cc2d0da54b757b634319f

The providers are now responsible for determining how long a cached
entry is considered valid. The default is the same as before (600s)





The providers are now responsible for determining how long a cached
entry is considered valid. The default is the same as before (600s)







Add support for offline auth cache timeout
2009-10-22T19:43:01+00:00

Stephen Gallagher
sgallagh@redhat.com

2009-10-22T15:58:06+00:00

c2d7b2271eafd27b41736624e4e5da121073279d

This adds a new option (offline_credentials_expiration) to the
[PAM] section of the sssd.conf

If the user does not perform an online authentication within the
timeout (in days), they will be denied auth once the timeout
passes.





This adds a new option (offline_credentials_expiration) to the
[PAM] section of the sssd.conf

If the user does not perform an online authentication within the
timeout (in days), they will be denied auth once the timeout
passes.







User home directories management
2009-10-22T18:04:28+00:00

Jakub Hrozek
jhrozek@redhat.com

2009-10-05T17:45:03+00:00

f3bc40136878ab91cb98f1b206ff9517000112f7

Create and populate user directories on useradd, delete them on userdel

Fixes: #212





Create and populate user directories on useradd, delete them on userdel

Fixes: #212







Do not allow setting auth, access or chpass providers for LOCAL
2009-10-16T18:41:36+00:00

Stephen Gallagher
sgallagh@redhat.com

2009-10-16T18:17:23+00:00

6d214009697fc861c24ae8abbf8b036c70e195df

The LOCAL provider does not have a mechanism to load alternate
auth, access or chpass backends, nor does it make sense to do so.

This will throw a configuration error if these values are
specified (unless they are explicitly also set to 'local')





The LOCAL provider does not have a mechanism to load alternate
auth, access or chpass backends, nor does it make sense to do so.

This will throw a configuration error if these values are
specified (unless they are explicitly also set to 'local')







Remove magicPrivateGroups option
2009-10-09T20:11:26+00:00

Simo Sorce
ssorce@redhat.com

2009-10-06T16:12:21+00:00

b0c4751808040afdc15ca801619c43fe192c6a35

In sssd only local is a native mpg domain, and it is forced.
All other providers will have to unroll mpg users into a user/group pair of
entries in the db. This allows the provider to automatically establish if
the remote server provides mpg users w/o possibily conflicting manual
configurations on the client trying to force an mpg behavior where none
is provided.





In sssd only local is a native mpg domain, and it is forced.
All other providers will have to unroll mpg users into a user/group pair of
entries in the db. This allows the provider to automatically establish if
the remote server provides mpg users w/o possibily conflicting manual
configurations on the client trying to force an mpg behavior where none
is provided.







Remove unused btreemap code
2009-10-06T18:46:54+00:00

Stephen Gallagher
sgallagh@redhat.com

2009-10-06T14:43:56+00:00

c7ac7a54ad32a53b866151663172acad2e82c8ee

We have converted to using dhash in place of btreemap everywhere
in the code.





We have converted to using dhash in place of btreemap everywhere
in the code.