IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00
Code Issues Packages Projects Releases Wiki Activity
6e6fad4b76
freeipa/ipaserver
History
Alexander Bokovoy 6e6fad4b76 SMB: switch IPA domain controller role 
As a part of CVE-2020-25717 mitigations, Samba now assumes 'CLASSIC
PRIMARY DOMAIN CONTROLLER' server role does not support Kerberos
operations.  This is the role that IPA domain controller was using for
its hybrid NT4/AD-like operation.

Instead, 'IPA PRIMARY DOMAIN CONTROLLER' server role was introduced in
Samba. Switch to this role for new installations and during the upgrade
of servers running ADTRUST role.

Fixes: https://pagure.io/freeipa/issue/9031

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2021-11-10 15:00:27 -05:00
..
advise ipa-advise: Define the domain used when looking up ipa-ca 2021-08-03 11:05:15 -04:00
custodia Also drop Custodia client and forwarder 2021-06-16 10:28:17 -04:00
dnssec OpenDNSSEC: fix timezone in key creation date 2021-02-04 14:20:59 +01:00
install SMB: switch IPA domain controller role 2021-11-10 15:00:27 -05:00
plugins Make the schema cache TTL user-configurable 2021-11-03 10:59:10 +01:00
secrets Remove more unused Custodia code 2021-06-16 10:28:17 -04:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc_common.py Py3: Replace six.text_type with str 2018-09-27 16:11:18 +02:00
dcerpc.py trust-fetch-domains: use custom krb5.conf overlay for all trust operations 2021-01-22 12:21:33 -05:00
dns_data_management.py Add URI system records for KDC 2021-08-31 18:28:27 -04:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
masters.py Add hidden replica feature 2019-03-28 17:57:58 +01:00
p11helper.py Grammar: whitespace is a word 2020-06-23 10:16:29 +02:00
rpcserver.py ipa config: add --enable-sid option 2021-11-02 10:11:28 +01:00
servroles.py Use api.env.container_sysaccounts 2020-04-28 11:28:29 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Also drop Custodia client and forwarder 2021-06-16 10:28:17 -04:00
topology.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
wsgi.py Improve wsgi app loading 2021-04-07 11:43:23 +03:00