freeipa/install
Nathaniel McCallum 41bf0ba940 Create ipa-otp-counter 389DS plugin
This plugin ensures that all counter/watermark operations are atomic
and never decrement. Also, deletion is not permitted.

Because this plugin also ensures internal operations behave properly,
this also gives ipa-pwd-extop the appropriate behavior for OTP
authentication.

https://fedorahosted.org/freeipa/ticket/4493
https://fedorahosted.org/freeipa/ticket/4494

Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
Reviewed-By: Martin Kosek <mkosek@redhat.com>
2014-10-20 10:12:36 +02:00
..
certmonger Check that renewed certificates coming from LDAP are actually renewed. 2014-07-30 16:04:21 +02:00
conf Re-enable uninstall feature for ipa-kra-install 2014-09-15 10:58:29 +02:00
ffextension webui: append network.negotiate-auth.trusted-uris 2014-09-11 09:41:51 +02:00
html webui: remove remnants of jquery-ui 2014-06-10 10:23:22 +02:00
migration ipaplatform: Move all filesystem paths to ipaplatform.paths module 2014-06-16 19:48:20 +02:00
po Add a KRA to IPA 2014-08-22 09:59:31 +02:00
restart_scripts Add a KRA to IPA 2014-08-22 09:59:31 +02:00
share Make named.conf template platform independent 2014-10-14 13:55:02 +02:00
tools Check LDAP instead of local configuration to see if IPA CA is enabled 2014-10-17 12:53:11 +02:00
ui Display token type when viewing token 2014-10-20 09:59:19 +02:00
updates Create ipa-otp-counter 389DS plugin 2014-10-20 10:12:36 +02:00
wsgi ipaplatform: Move all filesystem paths to ipaplatform.paths module 2014-06-16 19:48:20 +02:00
configure.ac RCUE initial commit 2014-01-21 12:04:02 +01:00
Makefile.am Change group ownership of CRL publish directory 2013-07-16 12:17:40 +02:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.