freeipa.git - FreeIPA patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Remove the global anonymous read ACI	Petr Viktorin	2014-05-26	1	-96/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Also remove - the deny ACIs that implemented exceptions to it: - no anonymous access to roles - no anonymous access to member information - no anonymous access to hbac - no anonymous access to sudo (2×) - its updater plugin Part of the work for: https://fedorahosted.org/freeipa/ticket/3566 Reviewed-By: Martin Kosek <mkosek@redhat.com>
*	Add HOTP support	Nathaniel McCallum	2014-02-21	1	-1/+1
\| \| \| \|	Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
*	Convert remaining update code to LDAPEntry API.	Jan Cholasta	2014-01-24	1	-2/+2
\|
*	Do not fail upgrade if the global anonymous read ACI is not found	Petr Viktorin	2013-10-04	1	-2/+6
\| \| \| \| \| \|	This helps forward compatibility: the anon ACI is scheduled for removal. https://fedorahosted.org/freeipa/ticket/3956
*	Permit reads to ipatokenRadiusProxyUser objects	Nathaniel McCallum	2013-07-11	1	-1/+1
\| \| \| \| \| \|	This fixes an outstanding permissions issue from the OTP work. https://fedorahosted.org/freeipa/ticket/3693
*	Add IPA OTP schema and ACLs	Nathaniel McCallum	2013-05-17	1	-7/+18
\| \| \| \| \| \| \| \| \| \|	This commit adds schema support for two factor authentication via OTP devices, including RADIUS or TOTP. This schema will be used by future patches which will enable two factor authentication directly. https://fedorahosted.org/freeipa/ticket/3365 http://freeipa.org/page/V3/OTP
*	Update anonymous access ACI to protect secret attributes.	Rob Crittenden	2013-01-23	1	-0/+81
	Update anonymous access ACI so that no users besides Trust Admins users can read AD Trust key attributes (ipaNTTrustAuthOutgoing, ipaNTTrustAuthIncoming). The change is applied both for updated IPA servers and new installations.