IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
14,730 Commits 11 Branches 60 Tags 60 MiB
1a539984c7
Commit Graph

14730 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Karl MacMillan
c397041bfa Merge. 0001-01-01 00:00:00 +00:00
Rob Crittenden
2fbe5cbf49 Phase 1 of allowing admins to set the default object classes for users & groups 
This adds the UI and does error checking of the selected object classes but
it doesn't actually use the values yet.

It also generalizes some functions for doing multi-valued fields.
 2007-12-04 13:18:37 -05:00
Rob Crittenden
69765f52ce Groups may be iterated over so should be an empty list, not None 2007-12-05 15:12:24 -05:00
Karl MacMillan
148a55811d Return a proper error code from ipa-webgui so that 
the init script can indicate when the service
fails to start.
 0001-01-01 00:00:00 +00:00
Rob Crittenden
23ffab533f Make the old entry option in update_*, check for empty parameters and 
fix some problems reported by pychecker.
 2007-12-11 17:34:15 -05:00
Rob Crittenden
5c217ce31a Change from "Common Name" to "Full Name" 2007-12-11 15:14:29 -05:00
Rob Crittenden
10ac6c3c61 Enable searching for multiple things at once 2007-12-11 15:06:01 -05:00
Simo Sorce
5215b21ea4 merge with upstream 2007-12-11 14:19:10 -05:00
Simo Sorce
4f0b215414 Make sure we don't keep around old keys. 
Fixes problem changing passwords seen only on servers where
re-installations where performed (and old secrets piled up)
 2007-12-11 12:25:58 -05:00
Simo Sorce
75493763f6 iMerge with upstream 2007-12-11 11:00:24 -05:00
Simo Sorce
0614024566 Minor fix 2007-12-11 10:59:07 -05:00
Simo Sorce
463a0462d3 Make admintools discover the domain using DNS calls to find the LDAP server. 2007-12-11 10:58:39 -05:00
Simo Sorce
a5617680ba Move dnsclient into ipa-python so that I will be able to use it in ipaconfig 2007-12-10 16:31:21 -05:00
Karl MacMillan
9038bf71dd Move packages to ipa from freeipa. 0001-01-01 00:00:00 +00:00
Karl MacMillan
8f4362f2f2 Enable referential integrity plugin. 0001-01-01 00:00:00 +00:00
Rob Crittenden
010fb65bfd define Self-Service as editting your own record. 
This has the side-effect of removing the realm from Loggin in as. This
can be changed by using user_name instead of display_name in master.kid.
 2007-11-02 17:41:24 -04:00
Rob Crittenden
9d24003528 Distinguish between active and inactive users on the Find People page. 2007-11-02 11:42:38 -04:00
Rob Crittenden
c54826653f 'make all' needs to depend on autogen.sh but we don't want to re-run it 
on every iteration. This lets the top-level 'make install' work properly.
 2007-11-02 11:34:02 -04:00
Rob Crittenden
dc01ea0fe6 groups come back as a list where the first element is the number of 
groups returned. Skip that element.
 2007-11-02 11:35:50 -04:00
Karl MacMillan
90d6fefe32 Fix errors with ipautil.CalledProcessError and cleanup some imports. 0001-01-01 00:00:00 +00:00
Karl MacMillan
b202b6cc31 Bump the version numbers for release. Also remove 
specific version check on freeradius. Packages aren't
available and the freeradius support isn't ready
anyway.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
36e43aed1b NTP configuration for client and server. 
Configure ipa servers as an ntp server and clients
to (by default) us the ipa server as an ntp server.

Also corrected the messages about which ports should
be opened.
 0001-01-01 00:00:00 +00:00
Rob Crittenden
6a0ca23577 Update the UI look and feel 2007-11-01 16:15:32 -04:00
Simo Sorce
77a105688c Fix ticket #70 2007-11-01 13:56:03 -04:00
Rob Crittenden
10917161a7 Use proper method of retrieving attributes 2007-11-01 13:21:13 -04:00
Rob Crittenden
a51dd58278 TurboGears log files and log rotation 
The error log is rotated weekly on Sunday. 4 backups are saved.

The access log is not stored since it would be a duplicate of the
Apache logs. It can be enabled if desired.

Had to move the call to daemonize() in ipa-webgui so that the
fork is done before TurboGears is initialized. Otherwise the log
files end up getting closed.
 2007-11-01 11:55:53 -04:00
Rob Crittenden
d9f809746b Completely remove an attribute 2007-10-31 17:11:55 -04:00
Karl MacMillan
67cddce4d4 Generate master password from Simo. 0001-01-01 00:00:00 +00:00
Karl MacMillan
83592ebada Added tag milestone_4_1 for changeset 77f4aaa4e4bd 0001-01-01 00:00:00 +00:00
Karl MacMillan
7ce4df7038 Added replication.py 0001-01-01 00:00:00 +00:00
Karl MacMillan
c0ae2b2f85 Removed tag mileston_4_1 0001-01-01 00:00:00 +00:00
Karl MacMillan
c373ed5c5c Initial replication setup. 
This add replication setup through two new commands: ipa-replica-prepare
and ipa-replica-install. The procedure is to run ipa-replica-prepare
on an existing master. This will collect information about the realm
and the current master and create a file storing all of the information.
After copying that file to the new replica, ipa-replica-install is
run (with -r to create a read-only replica).

This version of the patch also includes fixes for the sasl mappings
on the replicas.

Remaining features:
- ssl for replication.
- automatic configuration of mesh topology for
  master (or a simpler way to replicate multiple
  masters.
- tool for view / configuring current replication.
 0001-01-01 00:00:00 +00:00
Simo Sorce
b456d8424a more s/unique// wrt groups members/objectclasses 2007-11-21 16:07:07 -05:00
Simo Sorce
3580d0affb Use groupOfNames and member, not groupOfUniqueNames and uniqueMember 2007-11-20 10:22:43 -05:00
Simo Sorce
bec524485a Fix subtle errors in kpasswd 2007-11-20 17:41:26 -05:00
Rob Crittenden
d3d89f754b Use same tzinfo as the time parser to avoid TypeError from being thrown 2007-11-21 00:27:50 -05:00
Rob Crittenden
bf743087d2 Fix indentation error that occured in merge 2007-11-21 00:29:03 -05:00
Rob Crittenden
f42f1f44c8 Enable group inactivation by using the Class of Service plugin. 
This adds 2 new groups: activated and inactivated.

If you, or a group you are a member of, is in inactivated then you are too.

If you, or a group you are a member of, is in the activated group, then you
are too.

In a fight between activated and inactivated, activated wins.

The DNs for doing this matching is case and white space sensitive.

The goal is to never have to actually set nsAccountLock in a user directly
but move them between these groups.

We need to decide where in the CLI this will happen. Right it is split
between ipa-deluser and ipa-usermod. To inactivate groups for now just
add the group to inactivate or active.
 2007-11-20 22:45:29 -05:00
Simo Sorce
56d67b86e1 Fix bad segfault when pwvals is null 2007-11-19 19:34:27 -05:00
Simo Sorce
44f9f13e17 Remove default SASL mappings if any to avoid conflicts with IPA SASL mappings 2007-11-19 19:34:10 -05:00
Simo Sorce
c6532b621d fix ldif typo 2007-11-19 19:33:36 -05:00
Karl MacMillan
a7d1987ec3 Added tag mileston_4_1 for changeset bda291e79a4f 0001-01-01 00:00:00 +00:00
Karl MacMillan
6d3fa7f892 Minor fixes. 0001-01-01 00:00:00 +00:00
Karl MacMillan
29c0668e98 Bump versions for release. 0001-01-01 00:00:00 +00:00
Simo Sorce
51a5130227 Properly increment kvno and keep recent key material around 
This is necessary for services that need to be able to respond
to requests from client that acquired a service ticket just before
a password change.
 2007-10-31 10:52:44 -04:00
Karl MacMillan
164076a76e Add pyasn1 requirement to rpms. 0001-01-01 00:00:00 +00:00
Simo Sorce
a0d8d87b97 Fix installation 
Add missing schema for GUI Config, and missing objectclass for cn=accounts
container
 2007-11-18 15:02:26 -05:00
Simo Sorce
d5c269c8eb Merge upstream and fix bad suffix in default-aci 2007-11-18 14:27:25 -05:00
Simo Sorce
b51f4b28ec - Set correct values in ipa.conf during client install so that admin tools can 
reach the xml-rpc server.
- Assume the kdc/ldap server == xml-rpc server for v1.


Initial code to read the Kerberos Master Key from the Directory
 2007-11-16 20:18:36 -05:00
Simo Sorce
de5a54ef75 - Set correct values in ipa.conf during client install so that admin tools can 
reach the xml-rpc server.
- Assume the kdc/ldap server == xml-rpc server for v1.


Initial code to read the Kerberos Master Key from the Directory
 2007-11-16 20:18:36 -05:00