IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-06 22:33:00 -06:00
Code Issues Packages Projects Releases Wiki Activity
563 Commits 11 Branches 59 Tags 60 MiB
84c758153f
Commit Graph

451 Commits

Author SHA1 Message Date
rcritten@redhat.com
53e872fb72 Try to catch more error conditions during installation 
Modify the way we detect SELinux to use selinuxenabled instead of using
  a try/except.
Handle SASL/GSSAPI authentication failures when getting a connection
 2007-10-03 17:37:13 -04:00
Kevin McCarthy
1cef67e2e1 Add the rest of the user fields to the user pages. 2007-10-03 13:53:14 -07:00
mccann@jhu.edu
3ef4a374f7 Patch to fix the installer crashing if selinux is disabled. Also changes 
the exception to contain the complete command.
Add a check to make sure installer is running as root.
Add signal handler to detect a user-cancelled installation.
Detect existing DS instances and prompt to remove them.
 2007-10-02 16:56:51 -04:00
rcritten@redhat.com
e0b225b1b6 I broke add_groups_to_user and remove_groups_from_user with my 
"use group DN" patch. This fixes it.
 2007-10-02 17:26:09 -04:00
rcritten@redhat.com
6aa72b44e4 Do group operations based on the group DN, not the CN 
Add new class of errors for connections
Raise an exception if a connection cannot be made due to missing ccache
 2007-10-02 16:56:51 -04:00
Simo Sorce
cfac4acf9f Rely more on kerberos. 
Don't read ipa.conf to get the realm, the kerberos libs do that for you.
Use the krbPrincipalName to change passwords
Make it possible to specify the principal at user creation.
Mail is not a required attribute so far, don't require it.
 2007-10-01 17:33:16 -04:00
Kevin McCarthy
5750ebdd83 Assorted UI fixes: 
- Change sort functions to be on entities, so can use on the view pages too
- Fix bug: empty ajax search on useredit blows up
- Filter illegal characters from suggest uid/email methods
- Rename first/last name fields
- Make default font family sans-serif
- Speed up effect appear/fade rendering
- Add buttons to top and bottom of pages
- Make grouplist sortable
- Add noscript warning to welcome page
 2007-10-02 10:49:44 -07:00
Kevin McCarthy
050157ace0 Add group management to the newgroup page. 2007-10-01 13:27:40 -07:00
Kevin McCarthy
59ee94e378 Allow group selection on the create user page. 2007-10-01 11:26:22 -07:00
Kevin McCarthy
dbf8c1aeb9 Add group management to the user edit page. 
Added a couple more API calls to make the inverse operations easier.
 2007-09-28 16:01:42 -07:00
rcritten@redhat.com
0cfccd0f8c Don't include opts in any public argument lists. It is used internally only. 2007-10-01 13:34:43 -04:00
Simo Sorce
2ef71a85d0 Check passwords are not empty 2007-09-28 14:55:28 -04:00
Simo Sorce
93deded293 IPv6ify, untested 2007-09-28 03:21:17 -04:00
Kevin McCarthy
b02e9bfd1f Extract the shared dynamic edit code. 
Rename groupeditsearch.kid to dynamiceditsearch.kid
 2007-09-28 11:55:56 -07:00
Kevin McCarthy
8323959c3c Sort the group members on the view and edit group pages. 2007-09-28 09:59:04 -07:00
Kevin McCarthy
afb9a3c0a9 Refactoring to allow better member rendering. 
Created a MemberDisplayInfo to hold the info needed to render a member.
Changed round trip persistance to use that class.
Created a single renderMemberInfo method to render the members.
Changed dynamic as well as static lists to use renderMemberInfo.
Lastly, render groups members in italics.
Change view group to render group members in italics.
 2007-09-28 08:53:10 -07:00
Kevin McCarthy
d13c6efc40 Adds nested group handling to the view and edit group pages. 
Renames the ajax seach page, because it's tightly bound to the group edit page.
This isn't super polished, but the basic functionality is there.
 2007-09-27 14:51:35 -07:00
Kevin McCarthy
0431a536e5 patch queue: add_filters.patch 2007-09-27 16:07:05 -07:00
Kevin McCarthy
572b3e9fdd Make timelimit a parameter to the find methods. 2007-09-27 15:51:26 -07:00
Kevin McCarthy
d95b47232d patch queue: group_users_use_dns.patch 2007-09-27 11:27:33 -07:00
Karl MacMillan
679343594d Install the web gui 
Install the turbogears web gui including an init script. This
patch includes a few related changes:

* create a production configuration
* rename the web gui startup scrip to ipa-webgui
* add an init script
* chkconfig on the ipa-webgui init script
* make the start script properly daemonize the app when not
  in a development directory.
* Install everything to the correct places (/usr/sbin/ipa-webgui
  and /usr/share/ipa/ipagui mainly).

There are some things still left to do:

* Sort out the logging - the config needs to be adjusted so
  that logging messages end up in /var/log.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
50d12d6d2e Misc small fixes 
* Remove the rpmbuild tree with the dist-clean target.
* Move ipa-server-setupssl from /usr/sbin to /usr/share/ipa
* Check in requirement change for generated freeipa-python.spec
* Fix interactive hostname in ipa-server-install.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
22710a8dce Make apache work with selinux 
The default configuration of the apache selinux policy doesn't allow
apache to connect to the turbogears gui. This sets the correct
boolean to allow that connection.
 0001-01-01 00:00:00 +00:00
Kevin McCarthy
24c22a2ebc Misc small fixes: 
- Members of groups are clickable
- Combine name and uid into a single column in find users
- Remove license plate from searching
- Mailto links on user emails
- Add timelimit to finds.  This is experimental...
- Fix usersearch to only search on objectClass=Person
- Change search to use get parameter
 2007-09-25 11:25:48 -07:00
Kevin McCarthy
1725397a53 Adds methods to manipulate groups by dns. 
Renamed some of the user_group parameters to be self-evident.
Binary wrapping isn't necessary on strings, so removed from xmlrpc calls.
 2007-09-26 15:47:34 -07:00
rcritten@redhat.com
f8eda3da3e Fix a couple of XML-RPC functions that were missing the opts argument 
Include a kerberized XML-RPC client that will list the XML-RPC API
 2007-09-26 16:31:43 -04:00
Kevin McCarthy
1a7ef0d135 patch queue: helptext.patch 2007-09-26 13:08:29 -07:00
Kevin McCarthy
313f9bc4a0 Add IPA icon file. 2007-09-25 16:54:19 -07:00
Kevin McCarthy
fa7759684f Adds manager and direct reports to usershow page. 
Fixes a bug with the group by member where is wasn't trapping not found errors.
 2007-09-25 15:44:49 -07:00
Kevin McCarthy
765279d82b Show the list of groups a user belongs to. 2007-09-25 13:35:43 -07:00
rcritten@redhat.com
0258d01792 Use a different directory for test programs 2007-09-25 09:50:30 -04:00
rcritten@redhat.com
0b65e95b57 Make doing basic testing of Kerberos ticket forwarding and system setup 
easier.
 2007-09-25 08:37:45 -04:00
rcritten@redhat.com
fddae7a8a2 Fix error when using with TurboGears 2007-09-25 08:36:23 -04:00
rcritten@redhat.com
337f0cf853 Install the error web pages 2007-09-24 15:25:44 -04:00
rcritten@redhat.com
e606ad5606 Show (hopefully) useful information if the Kerberos connection fails. 2007-09-24 15:20:34 -04:00
rcritten@redhat.com
a1196902aa Print the request environment for debugging purposes. 2007-09-24 15:24:44 -04:00
rcritten@redhat.com
2fec56d679 Enable LDAP debugging using the mod_python Apache configuration directive 
PythonOption IPADebug On/Off
 2007-09-21 14:39:52 -04:00
rcritten@redhat.com
7b96973711 Give ipa-adduser, ipa-addgroup and ipa-usermod an interactive mode 
Add ipa-passwd tool
Add simple field validation package
This patch adds a package requirement, python-krbV. This is needed to
 determine the current user based on their kerberos ticket.
 2007-09-21 10:24:36 -04:00
rcritten@redhat.com
919d037189 Add a failed login page. In theory it should never been seen but it makes 
things nicer
Remove the login page
Remove the login link from master.kid
 2007-09-21 10:58:40 -04:00
rcritten@redhat.com
e41bb1d6fe Don't fall back on proxy authentication. We don't generate the certificates 
anymore and that failure just causes more confusion.
 2007-09-24 15:23:50 -04:00
Kevin McCarthy
5cdfc5bd3b Add set_krbccache() calls to new controller methods. 
Small fix to proxyprovider for anonymous case.
 2007-09-20 14:53:23 -07:00
rcritten@redhat.com
370500ab1a Remove support for LDAP proxy connections 2007-09-20 09:01:23 -04:00
Simo Sorce
e16e215cdd Merge with upstream 2007-09-20 17:11:01 -04:00
Simo Sorce
fbfefe6b0e Merge conflicts between rob and kevin patches 2007-09-20 16:58:54 -04:00
Simo Sorce
3fd4b9ba2c Initial support for confiuguring a DNS Server during installation. 
It's not perfect yet but good enough to include it.
 2007-09-20 15:10:21 -04:00
Kevin McCarthy
4e79c37c60 Add password changing call to web gui. 2007-09-19 15:59:01 -07:00
Kevin McCarthy
036cf58042 Handle add/remove failures a little bit better. 
Still some refinements that can be done, but at least it shows the failures
now.
 2007-09-19 13:43:52 -07:00
Kevin McCarthy
f17071533a Implement asynchronous search for groups. 
Use the filter generation code to search on multiple fields.
 2007-09-19 08:42:34 -07:00
Kevin McCarthy
6b3d1e85da Add client-side search limit parameter for user search. 
Limit editgroup user ajax search.
Minor UI cleanup for editgroup.
 2007-09-18 14:58:30 -07:00
Kevin McCarthy
c4998d3902 Fixes to the edit protected checkbox. 
- Make checkbox sticky on round trips
- Make required fields validate when checkbox is checked.
 2007-09-18 10:54:53 -07:00
Kevin McCarthy
8190404706 Prevent members from being added added twice. 
Display search message while in progress.
Correctly calculate number of search results after filtering.
 2007-09-17 15:24:11 -07:00
Kevin McCarthy
cc1585daff Persist adds and removes on a server round trip. 2007-09-17 11:46:48 -07:00
Kevin McCarthy
65e4d27e99 patch queue: groupmember.patch 2007-09-14 15:20:09 -07:00
rcritten@redhat.com
b85668579e Use ticket forwarding with TurboGears. mod_proxy forwards the principal 
name and location of the keytab. In order for this keytab to be usable
 TurboGears and Apache will need to run as the same user. We will also need
 to listen only on localhost in TG.
 2007-09-14 17:19:02 -04:00
Kevin McCarthy
a809d44429 Adding sort images. 2007-09-13 10:40:50 -07:00
Simo Sorce
7633abb9e4 Better we do not fiddle with /etc/hosts, make sure to abort and let the admin 
fix it.
 2007-09-13 12:10:55 -04:00
Simo Sorce
2ca655980b Better way to ask for the Realm name, with implicit default 2007-09-12 18:58:56 -04:00
Kevin McCarthy
0e355a734f Group edit page 2007-09-12 10:40:31 -07:00
Simo Sorce
533044903d Add confirmation when asking un-echoed passwords 2007-09-12 13:20:57 -04:00
Simo Sorce
fd61df06c5 Avoid showing passwords. 
Patch from William Jon McCann <mccann@jhu.edu>
 2007-09-12 11:55:19 -04:00
Simo Sorce
5898ae527a In the TCP case there is an extra (redundant) lenght 
field before the packet data, address the problem.
 2007-09-12 11:51:16 -04:00
Kevin McCarthy
c4ab64cabc Add group screen. More to come... 2007-09-11 14:51:51 -07:00
Kevin McCarthy
b4297caa8b Small fixes to proxyprovider. 2007-09-11 14:45:53 -07:00
Kevin McCarthy
5ef768484a Adds javascript table sorting for user results 
Adds tablekit: http://www.millstream.com.au/view/code/tablekit/ licensed under MIT.
 2007-09-13 10:26:35 -07:00
rcritten@redhat.com
ed6ab17c9c Add function to allow user's to set/reset their kerberos password 
Remove some unused calls to retrieve the current realm
 2007-09-11 02:48:53 -04:00
rcritten
182fbe3094 Enable mod_proxy to sit in front of TurboGears and pass along the 
kerberos principal name
Add an identity an visit class to TurboGears that can handle the user
 without requiring a database
Update the UI to show the user correctly.
Note that this is currently disabled. It is hardcoded to always return the
 principal test@FREEIPA.ORG in proxyprovider.py
It doesn't handle an unauthorized request because that can never happen.
 2007-09-10 16:33:01 -04:00
Kevin McCarthy
37d10e0c51 Edit protected fields checkbox on user edit page. 
(Password updating still doesn't work due to ACI though)
 2007-09-10 10:02:33 -07:00
Karl MacMillan
ab0f69891d Overwrite ldappwd file to fix bug when reinstalling IPA. 0001-01-01 00:00:00 +00:00
Karl MacMillan
d15ad0f26a Update version numbers for release. 0001-01-01 00:00:00 +00:00
Kevin McCarthy
903e11631c Fix duplicate entry error to be more descriptive. 
Add TurboGears to required package list
Clear password on Edit Person page.
Change uidnumber/gidnumber on Add Person to say 'Generated by server'
 2007-09-07 16:53:34 -07:00
Kevin McCarthy
9bb9dbae42 Add required packages to README 2007-09-07 15:18:51 -07:00
Simo Sorce
e7cb308e06 Reference the interactive method by default 2007-09-07 16:38:30 -04:00
rcritten@redhat.com
2377e8bcb0 Add group command-line tools to the Makefile 
Updated installation instructions
 2007-09-07 17:49:44 -04:00
Kevin McCarthy
78bcc22c40 small release fixes: 
- Make password not required for add person
- Fix for searching on '*' or ''
 2007-09-07 11:07:59 -07:00
Kevin McCarthy
c821699b64 Password changes: 
- remove password generator button
  - add confirm password field
 2007-09-06 14:28:21 -07:00
Karl MacMillan
438b548f19 Correct installation path for dna plugin. 0001-01-01 00:00:00 +00:00
Kevin McCarthy
2adeed3029 Add search box in header. 
Change account status to use select list and 'active'/'inactive' values.
Improve autosuggest to keep suggesting unless you overwrite a suggestion
(if you correct the name, it will re-suggest).
 2007-09-06 11:09:12 -07:00
Karl MacMillan
268dd829df Added dna plugin to spec. 0001-01-01 00:00:00 +00:00
Kevin McCarthy
4e242b5dc1 Small UI tweeks 
- Rename buttons
- Add fake "logged in as" text
- Increase font size and spacing for sidebar
- Fix search messages for no results
- Open ipa footer link in new window
 2007-09-05 16:59:55 -07:00
Kevin McCarthy
d036eb0ac9 Add password expiration messages to user show/edit pages. 
Add userhelper module to provide ui logic.
Fix uid/email suggest to lowercase first.
 2007-09-05 15:54:04 -07:00
Kevin McCarthy
945713ca30 Fix dsinstance.py and krbinstance.py imports 2007-09-06 16:21:07 -07:00
rcritten@redhat.com
9b30f46744 Enable LDAP SASL authentication using a forwarded kerberos ticket 
Handle both SASL auth and proxied authentication
Refactor LDAP connection code to be simpler
Other small bug fixes
 2007-09-05 13:14:23 -04:00
Pete Rowley
82943c31de Initial commit of dna plugin - origin: FDS with fix ups 2007-09-04 15:39:53 -07:00
Simo Sorce
584baa7ee2 merge ipa-server/ipaserver/util.py into ipa-python/ipautil.py 
this way freeipa-client does not depend on freeipa-server
 2007-09-04 16:13:15 -04:00
Simo Sorce
48e70a4bf0 Merge with upstream 2007-09-04 15:40:24 -04:00
Simo Sorce
abeda55e34 Add password request for admin user 
Set password for admin user using the Directory Mangaer account
and the mozldapldappaswd binary to get and SSL connection
Fix some timeout problems with deploying keytabs
Fix ipa_pwd_extop to actuallt correctly detect an SSL connection
Do not ask for the user to use for the directory unless 'dirsrv' is
 an existing user which may clash, create it silently
 2007-08-31 18:40:01 -04:00
Simo Sorce
7a0629ea55 More DIT fixes discovered after testing 2007-08-31 18:36:54 -04:00
Kevin McCarthy
00e299467c Add account deactivation checkbox. 
Fix genModList to lowercase all keys and use CIDict.
 2007-08-31 10:59:26 -07:00
Kevin McCarthy
c85c8eede3 Add 'test' target to makefiles. Hook up ipautil tests to run. 2007-09-04 10:22:45 -07:00
Simo Sorce
de96b9a9da Megre in form upstream 2007-08-30 19:42:39 -04:00
Kevin McCarthy
90a34f3865 Add auto-suggest for uid and email fields. 2007-08-30 15:10:48 -07:00
Kevin McCarthy
59f843517d Add scriptaculous effects library (will add more if they become necessary). 
Scriptaculous <http://script.aculo.us/> is released under an MIT license.
 2007-08-30 15:05:12 -07:00
Simo Sorce
a9b9a55392 Fix copy&paste error, its not the conf files we need access to, 
we need to access the generated keytabs
 2007-08-30 15:31:27 -04:00
Simo Sorce
a8fe485065 Integrate corrections pointed out on the list 2007-08-30 12:23:39 -04:00
Simo Sorce
bebc413366 Finalize DIT, this is waht we are probably going to have in the end, 
or something very close to this one
Add default groups and admin user

TODO: need to discuss more in deep uid/gid generation, this will
      probably change as soon as the DNA plugin is activated
 2007-08-29 18:07:05 -04:00
Karl MacMillan
09621f1319 Added freeipa logo. 0001-01-01 00:00:00 +00:00
Simo Sorce
f0ebdce024 Fix copy&paste error, its not the conf files we need access to, 
we need to access the generated keytabs
 2007-08-30 15:31:27 -04:00
Kevin McCarthy
50450d6acb UI cleanup 2007-08-29 16:49:46 -07:00
Kevin McCarthy
e9bd8dee3b Change user search to be asynchronous. 
This way it returns results even if the search times out.
The find_users() search now returns a counter as the first result, which
is set to -1 if the results are partial.
 2007-08-28 16:01:07 -07:00
Kevin McCarthy
ef2dc5cefa Changes for larger data demo. 
Add fields to search results
Put result() call inside try block - it's throwing an exception
Trap ADMINLIMIT and SIZELIMIT exceptions
 2007-08-28 09:20:12 -07:00
rcritten@redhat.com
eebaa73d3d Implement delete users and groups 
Implement adding a group to a group
Some other small fixups
Add new cmd-line tool ipa-delgroup
 2007-08-28 13:52:08 -04:00
Karl MacMillan
6eea6664e0 This patch wraps binary data in an xmlrpclib Binary object. This 
removes the need for LDIF conversion.  It will make TurboGears direct
code faster, but should keep xmlrpc about the same speed.

The patch also swaps out ldap.cidict for the IPA CIDict class.  IPA code
should only use the CIDict class now.
 0001-01-01 00:00:00 +00:00
Kevin McCarthy
e31b526c81 Enhanced user search: 
- "configurable" fields to search on
- tokenize search words
- prioritize exact matches over partial matches
- split match filter generation into a re-usable function.
Other updates:
- use finally block to return ldap connections
- update web gui to use new get_user methods
 2007-08-27 11:30:26 -07:00
Karl MacMillan
f437ecfad1 Fix minor error in previous patch. 0001-01-01 00:00:00 +00:00
rcritten@redhat.com
a5b7e3f56b Include any LDAP error strings in XML-RPC Fault exceptions 
Put a try/except around attempts to determine user uniqueness
 2007-08-27 13:45:28 -04:00
rcritten@redhat.com
861cda3cb5 Initial support for Groups 
Create separate object for Users and Groups (using same base class)
Check for uniqueness before adding new users and groups
Remove user_container from everything but add operations
Abstract out a number of functions that are common across users and groups
Make sure all strings passed in to be in a filter are checked
Add new error message: No modifications specified
 2007-08-24 15:42:56 -04:00
rcritten@redhat.com
240a99b6f3 Move add user logic to the server side 2007-08-23 11:57:25 -04:00
rcritten@redhat.com
8879ee173e Handle optional arguments by using the value __NONE__ over XML-RPC. 
rpcclient.py must call XML-RPC functions with all arguments.
Removed encode_args and decode_args. They were the source of most of the
  argument pain. Now opts is alwyas appended to the end of the arguments
  so MUST be the last argument in any server-side function (can be None)
Allow the User object to handle unicode data
Small fixes to command-line tools to be friendlier
Broke out get_user() into get_user_by_dn() and get_user_by_uid()
Need to request more than just 'nsAccountLock' attribute when trying to
  see if a user is already marked deleted. If it is blank the record
  coming back is empty. Add 'uid' to the list to guarantee something coming
  back (dn is handled specially)
Added user_container attribute to get_user_* and add_user so the caller
  can specify where in the tree the user will be searched for/added.
Added global default value for user_container
 2007-08-23 09:44:00 -04:00
Pete Rowley
23508d33b5 Add DS task to fix up memberof, turn debug build back on 2007-08-21 12:41:32 -07:00
Kevin McCarthy
7691653c0a Create ipaerror module. 
Move LDAPError trapping/conversion into the ipaldap module.
Fix xmlrpc layer to encode/decode ipaerrors properly.
Also, implement mid-air collision exception for updates.
 2007-08-22 10:30:51 -07:00
Kevin McCarthy
a8f302aa9f Move ldap search filter escaping into the funcs.py layer. 2007-08-21 14:26:36 -07:00
Simo Sorce
ac926646ea Fix escaping code, missing "unicode" string identifier in one of the value 
comparisons
 2007-08-21 16:25:02 -04:00
Kevin McCarthy
f5e30866d1 Escape search input. Search by uid and cn. 2007-08-20 14:23:23 -07:00
Kevin McCarthy
6b69d9cc46 Remove auto-wildcarding of uid search. 
Remove list users link.
 2007-08-20 13:14:00 -07:00
Kevin McCarthy
4c8f2346a0 Improved modlist generator. 2007-08-20 16:18:12 -07:00
Kevin McCarthy
cb03961ff1 Convert add_user to take a user instead of a dict. 2007-08-20 12:10:50 -07:00
Kevin McCarthy
c113d932b1 Move utf-8 conversion inside user.py (for updates). 2007-08-20 11:39:04 -07:00
Kevin McCarthy
66d3f1e730 Embed origiginal values inside user, and have update_user pass in a user 
object.  Based on rcrit's original patch.
Push scalar to list value conversion inside funcs.py.
 2007-08-20 10:50:11 -07:00
Kevin McCarthy
5f0f192ae3 change strings to be encoded using value.encode("utf-8"). 
fix update to set 'cn' instead of 'sn'.
remove str() in funcs.add_user().
 2007-08-17 15:32:05 -07:00
Kevin McCarthy
a0e2fa00f1 Manual merge changes in for the cidict/ipaclient add_user() 2007-08-17 14:27:54 -07:00
Simo Sorce
48bb474e68 Add interactive prompts to ipa-server-install 
Change unattended flag to be -U
Change master password flag to be -P instead of -m
Improve ipa-client-install readability for user prompts
 2007-08-20 18:40:32 -04:00
Simo Sorce
aacfce9cf1 Remove dependncy on libmhash and use openssl md4 functions 
Remove all dependencies on mhash
Remove code optimizatrion from Makefiles, right now these are
developers targeted builds, so it is better to have debugging
symbols around
 2007-08-20 15:38:47 -04:00
Kevin McCarthy
8a0c3cb945 Change userlist into a quick search form. 
Add hack to update cn using givenname+sn (for now).
Change funcs.find_users() to not error if no results.
 2007-08-17 10:58:56 -07:00
Kevin McCarthy
3184b5cd97 Remove ':' from the label widgets so they can be used outside forms. 
Add ':' into the edit/new/show pages.
 2007-08-17 10:59:42 -07:00
Simo Sorce
29a8f74fad Complete proper daemonization by closing std* descriptors. 
This fixes install as well as /sbin/services does not hang anymore
 2007-08-17 12:44:01 -04:00
Simo Sorce
9238e3cb4a Merge with upstream 2007-08-17 10:41:45 -04:00
Simo Sorce
d41db21a09 Add forgotten ipa-kpasswd.init 2007-08-17 10:34:34 -04:00
Kevin McCarthy
0ddf0699a5 Add update user to gui. 
Fix fields to be lowercase in web gui (server now returns them lowercase).
Fix ipaclient.py to refer to lowercase fields when adding a user.
Fix user.getValue() to check isinstance(value,list) instead of value[0].
 2007-08-16 15:05:36 -07:00
rcritten@redhat.com
05f6a22110 Implement user inactivation 
Comment some functions
Add attribute argument to get_user()
 2007-08-17 10:03:33 -04:00
rcritten@redhat.com
5f0f23ee91 Ensure that the Apache server is in forked mode 
Add ability to update existing users
Try to prevent fetching and setting empty strings
 2007-08-14 17:22:05 -04:00
Simo Sorce
547f501fae Patch from Rob to quick fix an error in the previous one 2007-08-16 18:59:58 -04:00
rcritten@redhat.com
cfaa28150b Basic LDAP connection pooling 
Implement user search
 2007-08-13 16:41:38 -04:00
Simo Sorce
794ef65abc make pluginlibrary files executable like all other dirsrv plugins 2007-08-16 18:47:29 -04:00
Simo Sorce
0a6007bcf2 Fix the relative name, Richm explained that the allowed values are either: 
/full/path/plugin-name.so
or just
plugin-name (no .so as different arches have different extensions)
 2007-08-16 17:59:23 -04:00
Simo Sorce
f6605ca792 Add libmhash as dependency for ipa_wpd_extop 2007-08-16 17:58:24 -04:00
Simo Sorce
59ada5daeb Make ipa-kpasswd start immediately 2007-08-15 22:17:42 -04:00
Simo Sorce
3d5c8b326b Improve ipa-kpasswd so that it can be installed and started 
Make it daemonize
Make it use syslog (LOG_DAEMON facility)
 2007-08-15 22:15:35 -04:00
Simo Sorce
82f24bb490 General fixes. 
Do not start ipa_kpasswd by default yet
 2007-08-15 21:35:35 -04:00
Simo Sorce
1e59adbe45 in F7 all directory names have changed from fedora-ds to dirsrv 
which should also be the name used in DS 8.0, change all occurences
 2007-08-15 19:45:18 -04:00
Simo Sorce
9faa5ce77e Use relative .so names for plugin so that lib/lib64 does not get in the way 
change the pwd-extop conf ldif to a more sensible name
 2007-08-15 18:55:20 -04:00
Simo Sorce
be34ddfc28 Merge from upstream 2007-08-15 18:31:53 -04:00
Simo Sorce
788149e2e5 Activate the passwd extop plugin and ipa-kpasswd daemon 2007-08-15 18:30:15 -04:00
Simo Sorce
a8e489e065 Rely on the default path 
Fix description
 2007-08-15 18:29:51 -04:00
Simo Sorce
409318ddc3 Fix dependency and install ipa-kpasswd init script 2007-08-15 18:29:07 -04:00
Simo Sorce
9ad12ae2eb Clean-up code to avoid Wall warnings 2007-08-15 11:37:03 -04:00
Simo Sorce
6690e4f131 Add deps to README 2007-08-15 11:22:20 -04:00
Simo Sorce
c7aed23e82 Clean up code so that Wall returns 0 complaints 2007-08-15 11:21:49 -04:00
Karl MacMillan
92be45e3fe Fix -Wall for memberof plugin (from Pete Rowley). 0001-01-01 00:00:00 +00:00
Kevin McCarthy
2ef4792fd1 - Add password generator method to controller. 
This uses the random.SystemRandom() method to generate an 8-digit
  alphanumeric password.
- Add ajax call to usernew and useredit forms to generate a new password
- Add the prototype javascript library: http://www.prototypejs.org/
  prototype is distributed with the MIT license.
- Add a checkbox to toggle editing (and displaying) the password.
- Change usershow template to use same field labels as the edit and new forms.
 2007-08-14 09:40:13 -07:00
Kevin McCarthy
10cbfe8787 Split userform into edit and new forms. 
(They will likely diverge so no sense forcing them together).
Add css for required fields.
Add "_orig" hidden fields to the edit form in prep for sending only modified
fields.
 2007-08-10 16:31:59 -07:00
Karl MacMillan
c1b3a4c412 Install server plugins in correct lib directory. 0001-01-01 00:00:00 +00:00
Karl MacMillan
0144922fd7 Merge from bundle. 0001-01-01 00:00:00 +00:00
Kevin McCarthy
b3aba86b2e Add images and empty files, which didn't seem to come through in the 
hg export properly.
 2007-08-12 05:59:49 -07:00
kmccarth@dhcp-172-16-25-136.sfbay.redhat.com
728e44833c Addiing initial turbogears web gui. 
Contains simple user add, list, and view pages.
 2007-08-12 04:53:18 -07:00
rcritten@redhat.com
a3e786e22e Allow the API to specify the location in the tree to add users, defaulting 
to ou=users,ou=default,$basedn
 2007-08-10 10:30:15 -04:00
rcritten@redhat.com
400ced55eb Start the DS and KDC on boot 2007-08-09 13:44:32 -04:00
Simo Sorce
34b439e838 Fix location of the binary 
Add a comment on the ldap code for the future
 2007-08-09 17:10:41 -04:00
Simo Sorce
5a7c853ec7 export kpasswd keytab during installation process 2007-08-09 16:55:23 -04:00
Simo Sorce
d60f233223 typo 2007-08-09 14:58:28 -04:00
Simo Sorce
a59c36b394 merge in changes from upstream 2007-08-09 14:52:54 -04:00
Simo Sorce
950bddf2a3 remove unknown patch file 2007-08-09 14:47:52 -04:00
Simo Sorce
588fa2f323 Add dependency and a comment 2007-08-08 22:20:07 -04:00
Simo Sorce
80bd4aa9f9 Fix the bind zone template, or kpasswd will not work 2007-08-08 22:19:37 -04:00
Simo Sorce
c13bbdeb7a set preauth on kadmin/changepw otherwise the kpasswd can't acquire a ticket 2007-08-08 22:19:03 -04:00
Simo Sorce
a50720e7d4 Make the daemon init it's own tickets. 
Make it blacklist clients until the previous operation is not over.
General bugfixing.
 2007-08-08 22:18:14 -04:00
Simo Sorce
7ca7a4b9e4 move ipa-kpasswd to a new location to conform to the new tree layout 2007-08-01 16:01:52 -04:00
Simo Sorce
fbfee82317 Try to fix dir layout and recover missing files 2007-08-01 15:58:52 -04:00
Simo Sorce
96d292b735 Merge from upstream 2007-08-01 15:26:08 -04:00
Karl MacMillan
2e1f317b09 Updated dep list. 0001-01-01 00:00:00 +00:00
Karl MacMillan
e27ab98fd2 Integrate memberof plugin into build. 0001-01-01 00:00:00 +00:00
Pete Rowley
d3415f85b0 initial commit of memberof DS plugin 2007-08-10 16:06:23 -07:00
Karl MacMillan
0d981af820 Various build system fixes. 0001-01-01 00:00:00 +00:00
kmccarth@redhat.com
cdaee95230 Addiing initial turbogears web gui. 
Contains simple user add, list, and view pages.
 2007-08-12 04:53:18 -07:00
Karl MacMillan
cf93b1bc64 Fixed merge. 0001-01-01 00:00:00 +00:00
Karl MacMillan
b1831b4593 Fix typo / buglets in setup scripts. 
Add fallback to ds_newinst.pl.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
9a01f353cf Bump version numbers for release. 0001-01-01 00:00:00 +00:00
Karl MacMillan
86c223f472 Merge. 0001-01-01 00:00:00 +00:00
rcritten@redhat.com
b9b06a2a60 Generate /etc/httpd/conf.d/ipa.conf from a template so the realm can 
be set during installation
 2007-08-06 10:51:23 -04:00
rcritten@redhat.com
993f76fe60 - Abstracted client class to work directly or over RPC 
- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires
- Remove references to admin server in ipa-server-setupssl
- Generate a client certificate for the XML-RPC server to connect to LDAP with
- Create a keytab for Apache
- Create an ldif with a test user
- Provide a certmap.conf for doing SSL client authentication
- Update tools to use kerberos
- Add User class
 2007-08-06 10:05:53 -04:00
Karl MacMillan
cef59d76eb Minor fix to adduser. 
Make ipa-server-install restart htppd
 0001-01-01 00:00:00 +00:00
Karl MacMillan
88a1ab65ce Updates to build kpaswd and the slapi plugins. 0001-01-01 00:00:00 +00:00
Karl MacMillan
548698a887 Add ntpd requirement. 0001-01-01 00:00:00 +00:00
kmccarth@redhat.com
88ab86fa37 Rename 'gn' to 'givenName' 2007-08-02 15:01:59 -07:00
Karl MacMillan
66ee656155 Added spec files for python and admintools. 0001-01-01 00:00:00 +00:00
Karl MacMillan
8cf45633fe Fixed broken patches and server spec. 0001-01-01 00:00:00 +00:00
Karl MacMillan
7d95cd612c Final reorginzation to reflect packaging. 0001-01-01 00:00:00 +00:00
Karl MacMillan
aed1f91105 Add local-dist target. 
Remove hard-coded config.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
1d8d4222ab Second (final) part of xmlrpc patch. 0001-01-01 00:00:00 +00:00
Karl MacMillan
4d656111e6 First part of xml-rpc patch. 0001-01-01 00:00:00 +00:00
Karl MacMillan
95bdb1bdf0 Updated spec with nss-tools and openldap-clients 0001-01-01 00:00:00 +00:00
Karl MacMillan
e811c87b1c Update dsinstance.py to use setup-ds.pl instead of ds_newinst.pl. 0001-01-01 00:00:00 +00:00
Karl MacMillan
ee1a0bb90f First working spec file. 0001-01-01 00:00:00 +00:00
Karl MacMillan
19f5aaa424 Fixed spec. 0001-01-01 00:00:00 +00:00
Karl MacMillan
c7a3bbe3ac Update for DESTDIR 0001-01-01 00:00:00 +00:00
Karl MacMillan
618b98fea7 Finish python library reorg. 0001-01-01 00:00:00 +00:00
Karl MacMillan
bac241ffc3 More reorgnization. 0001-01-01 00:00:00 +00:00
Karl MacMillan
f7d005a854 Finish removing extra files. 0001-01-01 00:00:00 +00:00
Karl MacMillan
1e52deca8f Removed unnecessary files (which were added to work around a mercurial bug) 0001-01-01 00:00:00 +00:00
Karl MacMillan
b8a0512998 Update for new python library layout. 0001-01-01 00:00:00 +00:00
Karl MacMillan
899daaf048 First cut at spec files and Makefile for ipa-server. 0001-01-01 00:00:00 +00:00
Karl MacMillan
9d5b946fda Reorganized repo to reflect packaging. 0001-01-01 00:00:00 +00:00