mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-26 16:16:31 -06:00
5fae809d92
It was possible to add external members without any validation. Any object that was not found in IPA LDAP was considered an external object and a command such as sudorule could have added it to the list of values for externalUser attribute. With member validator support, real external members from trusted domains can be differentiated from the objects that were not found in IPA and in trusted domains. Use information from the ID Views plugin to treat external objects accordingly. Not found objects will be part of the error messaging instead. Fixes: https://pagure.io/freeipa/issue/3226 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| masters.py | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||