freeipa.git/daemons, branch webui-details FreeIPA patches Include missing file from version plugin and update min version of 389-ds 2010-06-24T21:29:31+00:00 Rob Crittenden rcritten@redhat.com 2010-06-24T21:28:29+00:00 97bd59d869a4eafb00574f26ba46ae5a4e0d465f 






Don't try to convert a host's password into a keytab.
2010-06-24T18:24:15+00:00

Rob Crittenden
rcritten@redhat.com

2010-06-11T20:12:29+00:00

c5bdfc71939ad5338c707cb6c6b0d2187d78b801

The migration plugin uses a pre-op function to automatically create
kerberos credentials when binding using a password.

The problem is that we do a simple bind when doing password-base
host enrollment. This was causing krbPasswordExpiration to be set
which isn't what we want for hosts. They really shouldn't go through
this code at all.





The migration plugin uses a pre-op function to automatically create
kerberos credentials when binding using a password.

The problem is that we do a simple bind when doing password-base
host enrollment. This was causing krbPasswordExpiration to be set
which isn't what we want for hosts. They really shouldn't go through
this code at all.







Replication version checking.
2010-06-24T14:33:53+00:00

Rob Crittenden
rcritten@redhat.com

2010-06-24T14:31:52+00:00

09fb073e8210f1c8239c0b253672e613822fc553

Whenever we upgrade IPA such that any data incompatibilities might occur
then we need to bump the DATA_VERSION value so that data will not
replicate to other servers. The idea is that you can do an in-place
upgrade of each IPA server and the different versions own't pollute
each other with bad data.





Whenever we upgrade IPA such that any data incompatibilities might occur
then we need to bump the DATA_VERSION value so that data will not
replicate to other servers. The idea is that you can do an in-place
upgrade of each IPA server and the different versions own't pollute
each other with bad data.







Don't require kerberos principal with the LDAP password change operation.
2010-04-23T19:22:28+00:00

Rob Crittenden
rcritten@redhat.com

2010-04-23T15:36:03+00:00

ba85312bf1304d20f4199038bcf4a3f900dad7cf

This was preventing ldappasswd from resetting a password.

471287





This was preventing ldappasswd from resetting a password.

471287







Return more specific errors when returning an LDAP_OPERATIONS_ERROR
2010-04-23T19:22:24+00:00

Rob Crittenden
rcritten@redhat.com

2010-04-23T14:30:02+00:00

c7f50ac7efed5d5a3dc99e8d3b90c441601de2ec

472332





472332







Fix condition bug in ipa-pwd-extop plugin. Variable used uninitialized.
2010-02-04T16:09:59+00:00

Pavel Zuna
pzuna@redhat.com

2010-02-04T15:31:24+00:00

00b2f240f7f019c35ee4932eb5c9b43a3d4165c8












Add BIND pre-op for DS->IPA password migration to ipa-pwd-extop DS plugin.
2010-01-20T21:53:51+00:00

Pavel Zuna
pzuna@redhat.com

2009-09-04T12:51:28+00:00

ba0e7b9c68f48f8b5f4e4cc59c1fad1d80726275












Allow adding entries with pre-hashed passwords, but don't generate keys for them.
2010-01-20T21:53:41+00:00

root
root@testbox.winry

2009-10-19T12:53:40+00:00

fd5742cc7910bfe4bf896d0e5742a54380366e5e

Fix bug #528922.





Fix bug #528922.







No longer use the IPA-specific memberof plugin. Use the DS-supplied one.
2009-10-12T13:37:38+00:00

Rob Crittenden
rcritten@redhat.com

2009-10-09T21:07:03+00:00

342337a89330c4253b350cc06124aaa6747c5122












Add support for per-group kerberos password policy.
2009-10-05T19:29:55+00:00

Rob Crittenden
rcritten@redhat.com

2009-10-02T13:30:16+00:00

dac224c25a2ff8a1400d0a746f600f81cfad6901

Use a Class of Service template to do per-group password policy. The
design calls for non-overlapping groups but with cospriority we can
still make sense of things.

The password policy entries stored under the REALM are keyed only on
the group name because the MIT ldap plugin can't handle quotes in the
DN. It also can't handle spaces between elements in the DN.





Use a Class of Service template to do per-group password policy. The
design calls for non-overlapping groups but with cospriority we can
still make sense of things.

The password policy entries stored under the REALM are keyed only on
the group name because the MIT ldap plugin can't handle quotes in the
DN. It also can't handle spaces between elements in the DN.