Simo Sorce 7502ebe479 Initial implementation of policies support. ... This patch uses the kerberos schema policy, this is the same policy used by kadmin. While this patch allows for krbPwdPolicy objects anywhere the kldap module will make the kdc fail to provide tickets if the "krbPwdPolicyReference" points to any object that is not a child of cn=<REALM>,cn=kerberos,dc=.... To let us set policies anywhere in the tree I enabled the code to actually look at parent entries and the user entry itself and specify policies directly on these objects by adding the krbPwdPolicy objectclass to them (I know its structural but DS seem to allow multiple Structural classes on the same entry). The only side effect is that kadmin will not understand this, but we don't want to use kadmin anyway as it does not understand way too many things about the directory. I've tested a few scenarios and all seem working as expected, but further testing is welcome of course.		2007-11-13 16:21:03 -05:00
ipa-admintools	Allow a user or group to change an attribute in its RDN	2007-11-12 23:11:55 -05:00
ipa-client	NTP configuration for client and server.	0001-01-01 00:00:00 +00:00
ipa-python	Handle ldap.UNWILLING_TO_PERFORM more gracefully	2007-11-09 16:34:52 -05:00
ipa-server	Initial implementation of policies support.	2007-11-13 16:21:03 -05:00
.hgtags	Added tag milestone_4_1 for changeset 77f4aaa4e4bd	0001-01-01 00:00:00 +00:00
Makefile	Allow setting of lib directory to correct non-rpm builds on x86_64.	0001-01-01 00:00:00 +00:00