freeipa/daemons
Alexander Bokovoy 14c48ba6fb Recover from invalid cached kerberos credentials in ipasam
When developing and testing in the same environment, multiple re-installs
may be needed. This means previously issued and cached Kerberos credentials
will become invalid upon new install.

ipasam passdb module for Samba uses Kerberos authentication when talking to
IPA LDAP server. Obtained Kerberos credentials are cached during their lifetime.
However, the ccache is not removed automatically and if IPA setup is made
again, cached credentials are used, only to discover that they are invalid.

With this change invalid correctly obtained cached credentials are recognized
and, if LDAP SASL bind fails, new credentials are requested from the KDC.

https://fedorahosted.org/freeipa/ticket/3009
2012-08-22 17:20:56 +03:00
..
ipa-kdb Add PAC filtering 2012-08-02 11:28:19 -04:00
ipa-sam Recover from invalid cached kerberos credentials in ipasam 2012-08-22 17:20:56 +03:00
ipa-slapi-plugins extdom: read ranges from LDAP 2012-08-15 23:41:06 -04:00
configure.ac Allow silent build if available 2012-07-06 13:06:15 +03:00
ipa-version.h.in Fix typos 2011-09-07 13:20:42 +02:00
Makefile.am Add ipasam samba passdb backend 2011-12-06 08:29:53 -05:00