freeipa/install/share
Rob Crittenden 2f4f9054aa Enable a host to retrieve a keytab for all its services.
Using the host service principal one should be able to retrieve a keytab
for other services for the host using ipa-getkeytab. This required a number
of changes:

- allow hosts in the service's managedby to write krbPrincipalKey
- automatically add the host to managedby when a service is created
- fix ipa-getkeytab to return the entire prinicpal and not just the
  first data element. It was returning "host" from the service tgt
  and not host/ipa.example.com
- fix the display of the managedby attribute in the service plugin

This led to a number of changes in the service unit tests. I took the
opportunity to switch to the Declarative scheme and tripled the number
of tests we were doing. This shed some light on a few bugs in the plugin:

- if a service had a bad usercertificate it was impossible to delete the
  service. I made it a bit more flexible.
- I added a summary for the mod and find commands
- has_keytab wasn't being set in the find output

ticket 68
2010-08-16 17:13:56 -04:00
..
05rfc2247.ldif Incorporate new schema for IPAv2 2009-02-11 17:13:41 -05:00
60basev2.ldif 1. Schema cleanup 2010-07-21 11:40:25 -04:00
60ipaconfig.ldif Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
60kerberos.ldif - pull in updated schema which adds the krbCanonicalName attribute 2010-02-04 11:36:13 -05:00
60policyv2.ldif Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
60radius.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
60samba.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
anonymous-vlv.ldif Let anonymous users browse the VLV index 2009-07-10 16:45:45 -04:00
bind.named.conf.template named.conf: Add trailing dot to the fake_mname 2010-05-06 10:27:21 -04:00
bind.zone.db.template Only add an NTP SRV record if we really are setting up NTP 2010-01-21 17:09:21 -05:00
bootstrap-template.ldif Add container and initial ACIs for entitlement support 2010-07-29 10:50:29 -04:00
caJarSigningCert.cfg.template Add signing profile to CA installation so we can sign the firefox jar file. 2009-05-04 16:54:42 -04:00
certmap.conf.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
default-aci.ldif Enable a host to retrieve a keytab for all its services. 2010-08-16 17:13:56 -04:00
default-hbac.ldif Add ipaUniqueID to HBAC services and service groups 2010-05-27 10:51:02 -04:00
default-keytypes.ldif Add default values for krb ticket policy attributes during installation. 2010-01-13 13:43:51 -05:00
delegation.ldif Basic changes to get a default principal for DNS 2009-07-10 09:42:22 -04:00
dna-posix.ldif Ensure that dnaMaxValue is higher than dnaNextValue at install time 2009-09-09 22:05:24 -04:00
dna-upg.ldif Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
dns.ldif Use the dns plug-in for addition of records during installation 2010-01-21 17:09:18 -05:00
encrypted_attribute.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
fedora-ds.init.patch Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
indices.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
kdc.conf.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
kerberos.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
key_escrow_schema.ldif Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
krb5.conf.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
krb5.ini.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
krb.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
krbrealm.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
ldapi.ldif Enable ldapi connections in the management framework. 2009-08-27 13:36:58 -04:00
Makefile.am Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
master-entry.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
memberof-conf.ldif No longer use the IPA-specific memberof plugin. Use the DS-supplied one. 2009-10-12 09:37:38 -04:00
memberof-task.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
nis.uldif Fix nis netgroup configuration 2010-07-15 11:18:15 -04:00
ntp.conf.server.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
ntpd.sysconfig.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
preferences.html.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
referint-conf.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
schema_compat.uldif Enable anonymous VLV so Solaris clients will work out of the box. 2010-04-16 11:05:20 -04:00
unique-attributes.ldif - also ensure that krbCanonicalName is unique 2010-02-05 15:34:23 -05:00
user_private_groups.ldif Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
wsgi.py This patch removes the existing UI functionality, as a prep for adding the Javascript based ui. 2010-07-29 10:44:56 -04:00