IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 17:01:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
5,278 Commits 11 Branches 59 Tags 60 MiB
Python 75.7%
JavaScript 10.9%
C 10.8%
Roff 1.1%
Makefile 0.4%
Other 1.1%
1f831393a2
Go to file
Petr Viktorin 1f831393a2 ipa-client-install: Obtain host TGT from one specific KDC 
When clients install, they use kinit to obtain a TGT, which uses DNS to find
the KDC to connect to. It might happen that the newly created principal
has not replicated to selected KDC yet, making kinit fail and aborting the
install.

The client sets a temporary krb5 config file while installing via $KRB5_CONFIG.
Modify this file so that the kerberos library only uses the specific server
we're installing under, and call kinit while it's still in place.

Clean up the configure_krb5_conf function to remove unused arguments. For
clarity, use keyword arguments when calling it.

https://fedorahosted.org/freeipa/ticket/2982
2012-09-10 23:20:15 -04:00
.tx Add Transifex tx client configuration file 2011-03-07 16:05:33 -05:00
checks Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
contrib Use DN objects instead of strings 2012-08-12 16:23:24 -04:00
daemons Support the new Winsync POSIX API. 2012-09-06 14:29:14 +02:00
doc Replace float with Decimal 2012-01-20 08:13:44 +01:00
init Disable false pylint error in freeipa-systemd-upgrade 2012-02-15 00:26:18 -05:00
install Reflect API change of SSH store in Web UI 2012-09-06 19:18:22 -04:00
ipa-client ipa-client-install: Obtain host TGT from one specific KDC 2012-09-10 23:20:15 -04:00
ipalib Reflect API change of SSH store in Web UI 2012-09-06 19:18:22 -04:00
ipapython Use OpenSSH-style public keys as the preferred format of SSH public keys. 2012-09-06 19:11:57 -04:00
ipaserver Add version to replica prepare file, prevent installing to older version 2012-09-07 12:58:55 +02:00
selinux Use certmonger to renew CA subsystem certificates 2012-07-30 13:39:08 +02:00
tests Use OpenSSH-style public keys as the preferred format of SSH public keys. 2012-09-06 19:11:57 -04:00
util Make encode_ntlm_keys() public 2012-09-06 09:24:58 +02:00
.bzrignore Added top-level tests/ package that will contain all unit tests 2008-10-07 20:36:44 -06:00
.gitignore Replace broken i18n shell test with Python test 2012-03-26 20:29:26 -04:00
API.txt Use OpenSSH-style public keys as the preferred format of SSH public keys. 2012-09-06 19:11:57 -04:00
autogen.sh build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches 2010-11-29 11:39:55 -05:00
BUILD.txt Rename ipa.spec.in to freeipa.spec.in in BUILD.txt. 2011-02-10 17:52:43 -05:00
Contributors.txt Update Contributors.txt file 2012-08-28 16:59:42 +02:00
COPYING Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
freeipa.spec.in Set minimum of 389-ds-base to 1.2.11.8 to pick up cache warning. 2012-09-05 15:52:51 -04:00
ipa Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
ipa-compliance.cron Add support for tracking and counting entitlements 2011-02-02 10:00:38 -05:00
ipa.1 Don't set delegation flag in client, we're using S4U2Proxy now 2012-02-15 17:08:33 +01:00
lite-server.py Tweak the session auth to reflect developer consensus. 2012-02-27 05:54:29 -05:00
make-doc This patch removes the existing UI functionality, as a prep for adding the Javascript based ui. 2010-07-29 10:44:56 -04:00
make-lint Use DN objects instead of strings 2012-08-12 16:23:24 -04:00
make-test Pass make-test arguments through to Nose 2012-04-11 22:20:07 -04:00
make-testcert Use DN objects instead of strings 2012-08-12 16:23:24 -04:00
makeapi Redo boolean value encoding. 2012-05-09 09:43:35 +02:00
Makefile Fix python Requires in Fedora 17 build 2012-05-15 10:43:39 +02:00
MANIFEST.in Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
README Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup-client.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup.py Add plugin framework to LDAP updates. 2011-11-22 23:57:10 -05:00
TODO Parse comma-separated lists of values in all parameter types. This can be enabled for a specific parameter by setting the "csv" option to True. 2011-11-30 17:08:35 +01:00
VERSION Use OpenSSH-style public keys as the preferred format of SSH public keys. 2012-09-06 19:11:57 -04:00
version.m4.in Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00

README 

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Quick Start
  -----------

  To get started quickly, start here:
  <https://fedorahosted.org/freeipa/wiki/QuickStartGuide>

  Licensing
  ---------

  Please see the file called COPYING.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa