IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-06 22:33:00 -06:00
Code Issues Packages Projects Releases Wiki Activity
464 Commits 11 Branches 59 Tags 60 MiB
647063253e
Commit Graph

379 Commits

Author SHA1 Message Date
Simo Sorce
647063253e Fix kdec.length or we may try to double free() or free() uninitiualized data. 2007-12-07 18:09:49 -05:00
Simo Sorce
0b51e32699 merge from upstream 2007-12-07 17:38:15 -05:00
Simo Sorce
11559e9a69 we *may* require it, it depend on the ditro in F8 cahing daemon configuration has been 
incorporated in the default bind install.
 2007-12-07 17:36:14 -05:00
Rob Crittenden
b3fa02225a Add back in some CSS that was removed in the big UI update. 
This adds back required field colors and colored error and warning msgs.
 2007-12-05 16:15:52 -05:00
Rob Crittenden
03fe2a8d6a Increase default max password lifetime from 10 to 90 days 2007-12-03 18:09:14 -05:00
Karl MacMillan
4e377ad7e8 Fix message about no spaces in password - spaces work 
fine with ssl setup shell script removed.
 0001-01-01 00:00:00 +00:00
Rob Crittenden
99c676702b The uid_hidden field needs to be retained until after validation succeeds 
otherwise if it ever fails, uid_hidden will be lost which can cause uid
to not be set which cascades into lots of other errors.
 2007-12-06 17:00:38 -05:00
Rob Crittenden
04cccd4426 Improve the error message when an entry is not found. 
We used to return the entire argument string ala:

('dc=freeipa,dc=org', 2, 'uid=foo', ['*'])

This adds a regex to try to print anything after = in the filter.
Not perfect but better.
 2007-12-06 16:48:26 -05:00
Rob Crittenden
2a2d866552 Make uid an editable field in the Edit UI so we can do RDN changes 
Fix group RDN changes
Remove a copy/paste error in the group UI update that caused 2 updates
Fix variable name so groups don't get user objectclasses
Remove color CSS for field backgrounds as they override disabled field display
 2007-12-06 15:36:42 -05:00
Rob Crittenden
6ea3d9610e Utilize user and group objectclass lists in cn=ipaconfig 
Change the syntax on user and group objectclasses in cn=ipaconfig
 2007-12-06 00:30:26 -05:00
Karl MacMillan
f07cd5a5ad Update build requires for libcap. 0001-01-01 00:00:00 +00:00
Simo Sorce
92d773dc30 Improved ACIs 2007-11-30 16:57:48 -05:00
Simo Sorce
86c78cbe75 minor typos 2007-11-30 16:58:02 -05:00
rcritten@redhat.com
c32a960cae Compatibility changes to work on RHEL 5 with python 2.4 2007-11-30 15:53:02 -05:00
Simo Sorce
b04bed4e82 Min Pwd Change Time Check after Password reset and other minor fixes 2007-11-30 16:57:19 -05:00
Karl MacMillan
ca118de76c Merge. 0001-01-01 00:00:00 +00:00
Rob Crittenden
86d80f12ca Add some javascript so we can put focus on the first field of the page. 2007-12-06 17:49:56 -05:00
Rob Crittenden
7e2f44df45 Add 'Edit Policy' button at top of page. 2007-12-06 17:46:09 -05:00
Rob Crittenden
849803d37a Always show the edit link on your own record 2007-12-06 17:07:40 -05:00
Rob Crittenden
eb141b02ff Move dn removal to the XML-RPC side and remove empty attributes 2007-12-05 17:26:39 -05:00
Rob Crittenden
15b7dc6ff9 Add UI for service principal creation and keytab retrieval 2007-12-05 15:17:11 -05:00
Karl MacMillan
002312c050 Revert logging setup change because it has unintended 
consequences during ipa-server-install.
 0001-01-01 00:00:00 +00:00
Rob Crittenden
8ff9f63d80 Require that the default users group exists 
Fix some copy-paste errors from the password policy update
 2007-11-30 13:27:33 -05:00
Rob Crittenden
bac556557d Don't allow the admins or editors groups to be removed. 
Don't allow the default group for users to be removed.
 2007-11-30 12:49:08 -05:00
Rob Crittenden
5025e990e9 Remove optional arguments from the XML-RPC interface 2007-11-29 16:48:32 -05:00
Rob Crittenden
74d0fba899 Change the password expiration message to be more precise. 2007-11-29 16:43:38 -05:00
Rob Crittenden
ab67029d94 Add utility to lock user accounts. Remove lock capability from ipa-deluser 
Fix bootstrap.ldif to add new Class of Service entries properly
Include some man pages that weren't being installed
 2007-11-26 22:28:53 -05:00
Rob Crittenden
0b1650e7ad Add ipa-python to maintainer-clean and clean up .pyc files 2007-11-28 12:33:14 -05:00
Rob Crittenden
2e7f629d91 Remove unnecessary attribute left over from testing 2007-11-26 20:34:59 -05:00
Karl MacMillan
cd93c81a13 Committed generated spec files. 0001-01-01 00:00:00 +00:00
Karl MacMillan
c397041bfa Merge. 0001-01-01 00:00:00 +00:00
Rob Crittenden
2fbe5cbf49 Phase 1 of allowing admins to set the default object classes for users & groups 
This adds the UI and does error checking of the selected object classes but
it doesn't actually use the values yet.

It also generalizes some functions for doing multi-valued fields.
 2007-12-04 13:18:37 -05:00
Rob Crittenden
69765f52ce Groups may be iterated over so should be an empty list, not None 2007-12-05 15:12:24 -05:00
Rob Crittenden
299e457698 Convert krbmaxpwdlife and krbminpwdlife from seconds into days and hours 2007-12-03 18:07:47 -05:00
Karl MacMillan
a174d6d6e6 Fix mode on ipa-keytab-util. 0001-01-01 00:00:00 +00:00
Karl MacMillan
90d6fefe32 Fix errors with ipautil.CalledProcessError and cleanup some imports. 0001-01-01 00:00:00 +00:00
Karl MacMillan
61258a645c Add ipa-keytab-util to spec. 0001-01-01 00:00:00 +00:00
Karl MacMillan
edc7af1446 Add xml-rpc interface for getting keytabs. 
Warning: this lacks any sort of authorization.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
9038bf71dd Move packages to ipa from freeipa. 0001-01-01 00:00:00 +00:00
Karl MacMillan
b202b6cc31 Bump the version numbers for release. Also remove 
specific version check on freeradius. Packages aren't
available and the freeradius support isn't ready
anyway.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
67cddce4d4 Generate master password from Simo. 0001-01-01 00:00:00 +00:00
Karl MacMillan
7ce4df7038 Added replication.py 0001-01-01 00:00:00 +00:00
Karl MacMillan
c373ed5c5c Initial replication setup. 
This add replication setup through two new commands: ipa-replica-prepare
and ipa-replica-install. The procedure is to run ipa-replica-prepare
on an existing master. This will collect information about the realm
and the current master and create a file storing all of the information.
After copying that file to the new replica, ipa-replica-install is
run (with -r to create a read-only replica).

This version of the patch also includes fixes for the sasl mappings
on the replicas.

Remaining features:
- ssl for replication.
- automatic configuration of mesh topology for
  master (or a simpler way to replicate multiple
  masters.
- tool for view / configuring current replication.
 0001-01-01 00:00:00 +00:00
Simo Sorce
b456d8424a more s/unique// wrt groups members/objectclasses 2007-11-21 16:07:07 -05:00
Simo Sorce
3580d0affb Use groupOfNames and member, not groupOfUniqueNames and uniqueMember 2007-11-20 10:22:43 -05:00
Simo Sorce
bec524485a Fix subtle errors in kpasswd 2007-11-20 17:41:26 -05:00
Rob Crittenden
d3d89f754b Use same tzinfo as the time parser to avoid TypeError from being thrown 2007-11-21 00:27:50 -05:00
Rob Crittenden
f42f1f44c8 Enable group inactivation by using the Class of Service plugin. 
This adds 2 new groups: activated and inactivated.

If you, or a group you are a member of, is in inactivated then you are too.

If you, or a group you are a member of, is in the activated group, then you
are too.

In a fight between activated and inactivated, activated wins.

The DNs for doing this matching is case and white space sensitive.

The goal is to never have to actually set nsAccountLock in a user directly
but move them between these groups.

We need to decide where in the CLI this will happen. Right it is split
between ipa-deluser and ipa-usermod. To inactivate groups for now just
add the group to inactivate or active.
 2007-11-20 22:45:29 -05:00
Simo Sorce
56d67b86e1 Fix bad segfault when pwvals is null 2007-11-19 19:34:27 -05:00
Simo Sorce
44f9f13e17 Remove default SASL mappings if any to avoid conflicts with IPA SASL mappings 2007-11-19 19:34:10 -05:00