diff options
author | Martin Kosek <mkosek@redhat.com> | 2013-02-07 14:52:35 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2013-02-12 10:37:47 +0100 |
commit | 827ea50566dbb2a0906da76d318a2ba68a4b818e (patch) | |
tree | 70afff4fc80c28fe548b0b020acdcaa02ef3e212 /ipalib | |
parent | d4d19ff4231c2643ed2008ed2c8870419ae02aac (diff) | |
download | freeipa-827ea50566dbb2a0906da76d318a2ba68a4b818e.tar.gz freeipa-827ea50566dbb2a0906da76d318a2ba68a4b818e.tar.xz freeipa-827ea50566dbb2a0906da76d318a2ba68a4b818e.zip |
ipa-kdb: read SID blacklist from LDAP
SIDs in incoming MS-PAC were checked and filtered with a fixed list of
well-known SIDs. Allow reading the SID blacklist from LDAP
(ipaNTSIDBlacklistIncoming and ipaNTSIDBlacklistOutgoing) and add the list
to mspac adtrust structure. Use the hardcoded SID list only if the LDAP
SID list is not configured.
LIMITATION: SID blacklist list is not used yet.
https://fedorahosted.org/freeipa/ticket/3289
Diffstat (limited to 'ipalib')
0 files changed, 0 insertions, 0 deletions