sssd.git/src/providers/ldap/sdap_async.c, branch simo Unnamed repository; edit this file to name it for gitweb. Change pam data auth tokens. 2013-01-10T17:24:59+00:00 Simo Sorce simo@redhat.com 2012-10-18T22:43:56+00:00 64af76e2bef2565caa9738f675c108a4b3789237 Use the new authtok abstraction and interfaces throught the code. 
Use the new authtok abstraction and interfaces throught the code.
AD: Detect domain controller compatibility version 2012-09-24T13:00:11+00:00 Stephen Gallagher sgallagh@redhat.com 2012-09-18T18:24:38+00:00 e6ba224432bfcd64802222a3544bc38c179727cd 






Fixed wrong number in shadowLastChange
2012-07-16T14:25:26+00:00

Jan Zeleny
jzeleny@redhat.com

2012-07-16T12:42:27+00:00

33988e421afa86892a732cc74c153fdc5be8703b

The attribute is supposed to contain number of days since the epoch, not
the number of seconds.





The attribute is supposed to contain number of days since the epoch, not
the number of seconds.







LDAP: Auto-detect support for the ldap match rule
2012-06-13T14:01:12+00:00

Stephen Gallagher
sgallagh@redhat.com

2012-06-13T00:29:26+00:00

2c62da337e31217d03f5bf0f768b574d166bb2fe

This patch extends the RootDSE lookup so that we will perform a
second request to test whether the match rule syntax can be used.

If both groups and initgroups are disabled in the configuration,
this lookup request can be skipped.





This patch extends the RootDSE lookup so that we will perform a
second request to test whether the match rule syntax can be used.

If both groups and initgroups are disabled in the configuration,
this lookup request can be skipped.







Ghost members - removed sdap_check_aliases()
2012-05-31T19:46:27+00:00

Jan Zeleny
jzeleny@redhat.com

2012-04-23T09:13:48+00:00

f56e704cf0b3b0e9e997e96221fa82d488ee8ca7

This function is no longer necessary because we don't have fake user
entries any more. The original purpose of this function was to check if
there are fake user entries for particular user and, if yes, to update
its membership.





This function is no longer necessary because we don't have fake user
entries any more. The original purpose of this function was to check if
there are fake user entries for particular user and, if yes, to update
its membership.







Warn to syslog when dereference requests fail
2012-05-22T13:11:13+00:00

Ariel Barria
arielb@fedoraproject.org

2012-05-22T12:13:21+00:00

02837b3dda135680051067223b6b30a7e65d1740












LDAP: Handle very large Active Directory groups
2012-05-10T15:34:46+00:00

Stephen Gallagher
sgallagh@redhat.com

2012-05-08T12:47:33+00:00

ae8d047122c7ba8123f72b2eac68944868ac37d4

Active Directory 2008R2 allows only 1500 group members to be
retrieved in a single lookup. However, when we hit such a
situation, we can take advantage of the ASQ lookups, which are not
similarly limited.

With this patch, we will add any members found by ASQ that were
not found by the initial lookup so we will end with a complete
group listing.

https://fedorahosted.org/sssd/ticket/783





Active Directory 2008R2 allows only 1500 group members to be
retrieved in a single lookup. However, when we hit such a
situation, we can take advantage of the ASQ lookups, which are not
similarly limited.

With this patch, we will add any members found by ASQ that were
not found by the initial lookup so we will end with a complete
group listing.

https://fedorahosted.org/sssd/ticket/783







Special-case LDAP_SIZELIMIT_EXCEEDED
2012-05-07T18:35:49+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-05-04T14:52:49+00:00

4627cf4d8a949d1d7b4a9b24f9ad3b9a06d5b5bc

Previous version of the SSSD did not abort the async LDAP search
operation on errors. In cases where the request ended in progress, such
as when the paging was very strictly limited, the old versions at least
returned partial data.

This patch special-cases the LDAP_SIZELIMIT_EXCEEDED error to avoid a
user-visible regression.

https://fedorahosted.org/sssd/ticket/1322





Previous version of the SSSD did not abort the async LDAP search
operation on errors. In cases where the request ended in progress, such
as when the paging was very strictly limited, the old versions at least
returned partial data.

This patch special-cases the LDAP_SIZELIMIT_EXCEEDED error to avoid a
user-visible regression.

https://fedorahosted.org/sssd/ticket/1322







Read sysdb attribute name, not LDAP attribute map name
2012-05-03T17:46:59+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-05-03T15:15:09+00:00

dbdf6911688315515a36bb91786108a95d033128

https://fedorahosted.org/sssd/ticket/1320





https://fedorahosted.org/sssd/ticket/1320







sdap_check_aliases must not error when detects the same user
2012-04-20T14:55:14+00:00

Jakub Hrozek
jhrozek@redhat.com

2012-04-18T10:54:21+00:00

f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485

https://fedorahosted.org/sssd/ticket/1307





https://fedorahosted.org/sssd/ticket/1307