Commit Graph

16 Commits

Author SHA1 Message Date
sbose
e6d638b6cf Set samba_portmapper SELinux boolean during ipa-adtrust-install 2012-06-07 09:39:11 +02:00
Alexander Bokovoy
bd0d858043 Add trust-related ACIs
A high-level description of the design and ACIs for trusts is available at
https://www.redhat.com/archives/freeipa-devel/2011-December/msg00224.html
and
https://www.redhat.com/archives/freeipa-devel/2011-December/msg00248.html

Ticket #1731
2012-06-07 09:39:10 +02:00
Alexander Bokovoy
ae2d5edd1a Restart KDC after installing trust support to allow MS PAC generation
Also make sure all exceptions are captured when creating CIFS service
record. The one we care about is duplicate entry and we do nothing
in that case anyway.

Also make uniform use of action descriptors.
2012-06-07 09:39:10 +02:00
Alexander Bokovoy
a7420c1e83 Add trust management for Active Directory trusts 2012-06-07 09:39:09 +02:00
Alexander Bokovoy
dd244c02dd Use dedicated keytab for Samba
Samba just needs the cifs/ key on the ipa server. Configure samba to use a
different keytab file so that we do not risk samba commands (net, or similar)
to mess up the system keytab.

https://fedorahosted.org/freeipa/ticket/2168
2012-06-07 09:39:09 +02:00
Sumit Bose
3de257fe54 activate CLDAP 2011-12-06 08:29:53 -05:00
Sumit Bose
7c3e5f1be5 Fix some pylint warnings 2011-12-06 08:29:53 -05:00
Sumit Bose
0945e46845 Use new objectclasses and attributes for trust 2011-12-06 08:29:53 -05:00
Sumit Bose
9a14fa6c2f Move our own domain info into cn=etc
https://fedorahosted.org/freeipa/ticket/2001
2011-12-06 08:29:53 -05:00
Sumit Bose
2ac9d4816a Add DNS service records for Windows
https://fedorahosted.org/freeipa/ticket/1939
2011-11-30 11:28:39 +01:00
Martin Kosek
ac45a5eee8 Revert "Add DNS service records for Windows"
A wrong version of the patch has been pushed.

This reverts commit d24dda2fe3.
2011-11-29 14:13:58 +01:00
Sumit Bose
d24dda2fe3 Add DNS service records for Windows
https://fedorahosted.org/freeipa/ticket/1939
2011-11-23 00:24:07 -05:00
John Dennis
56401c1abe ticket 2022 - modify codebase to utilize IPALogManager, obsoletes logging
change default_logger_level to debug in configure_standard_logging

add new ipa_log_manager module, move log_mgr there, also export
root_logger from log_mgr.

change all log_manager imports to ipa_log_manager and change
log_manager.root_logger to root_logger.

add missing import for parse_log_level()
2011-11-23 09:36:18 +01:00
Sumit Bose
f323d818b9 Add admin SIDs
The admin SID DOMAIN-SID-500 will be assigned to the IPA admin user and the
admin group SID DOMAIN-SID-512 to the admins group.
2011-09-23 19:25:45 -04:00
Sumit Bose
0ebe23dc96 Fix ACIs in ipa-adtrust-install 2011-09-20 17:27:40 -04:00
Sumit Bose
29a7a7e8ce Add ipa-adtrust-install utility
https://fedorahosted.org/freeipa/ticket/1619
2011-09-14 18:45:13 -04:00