freeipa/daemons
Alexander Bokovoy a1be4fc863 KDB: support external IdP configuration
When IdP configuration is provided, take it into account:

 - idp-specific Kerberos ticket policy would be applied

 - Presence of IdP link in a Kerberos principal entry would cause KDB to
   enable `idp` pre-authentication method on KDC side.

The latter requires additional pre-authentication method supplied with
SSSD 2.7.0.

Fixes: https://pagure.io/freeipa/issue/8804

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Signed-off-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-By: Francisco Trivino <ftrivino@redhat.com>
Reviewed-By: Sumit Bose <sbose@redhat.com>
2022-05-10 15:52:41 +03:00
..
dnssec dnssec: concurrency issue when disabling old replica key 2021-03-09 16:52:38 +01:00
ipa-kdb KDB: support external IdP configuration 2022-05-10 15:52:41 +03:00
ipa-otpd ipa-otpd: add support for SSSD OIDC helper 2022-05-10 15:52:41 +03:00
ipa-sam ipa-sam: retrieve trusted domain account credential from the TDO itself 2022-04-13 18:37:12 +02:00
ipa-slapi-plugins ipa-pwd-extop: allow ipasam to request RC4-HMAC in Kerberos keys for trusted domain objects 2022-04-13 18:37:12 +02:00
ipa-version.h.in Build: move version handling from Makefile to configure 2016-11-09 13:08:32 +01:00
Makefile.am build: Unify compiler warning flags used 2021-01-15 14:11:56 +01:00