freeipa/install
Fraser Tweedale 4c35afccf3 Use Dogtag REST API for certificate requests
The Dogtag REST API gives better responses statuses than the RPC API
and properly reports failure due to disabled CA (status 409).  Make
'ra' extend 'RestClient' and refactor the 'request_certificate'
method to use Dogtag's REST API.

Part of: https://fedorahosted.org/freeipa/ticket/6260
Part of: https://fedorahosted.org/freeipa/ticket/3473

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2016-09-07 12:49:28 +02:00
..
certmonger ipa-certupdate: track lightweight CA certificates 2016-06-29 08:52:29 +02:00
conf Use Dogtag REST API for certificate requests 2016-09-07 12:49:28 +02:00
ffextension webui: append network.negotiate-auth.trusted-uris 2014-09-11 09:41:51 +02:00
html Added warning to user for Internet Explorer 2016-04-28 14:28:11 +02:00
migration Remove unused imports 2015-12-23 07:59:22 +01:00
oddjob Always fetch forest info from root DCs when establishing one-way trust 2016-09-05 09:20:55 +02:00
po Update translations 2016-08-30 10:25:36 +02:00
restart_scripts Update lightweight CA serial after renewal 2016-06-29 08:52:29 +02:00
share support schema files from third-party plugins 2016-08-19 15:34:26 +02:00
tools Raise error when running ipa-adtrust-install with empty netbios--name 2016-08-30 13:21:49 +02:00
ui WebUI add support for sub-CAs while revoking certificates 2016-09-07 12:34:52 +02:00
updates support multiple uid values in schema compatibility tree 2016-08-25 10:34:51 +02:00
wsgi Modernize 'except' clauses 2015-08-12 18:17:23 +02:00
configure.ac support schema files from third-party plugins 2016-08-19 15:34:26 +02:00
Makefile.am trusts: add support for one-way trust and switch to it by default 2015-07-08 01:56:52 +02:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.