freeipa/ipa-client
Martin Kosek be54d1deb5 ipa-client discovery with anonymous access off
When RootDSE could be read (nsslapd-allow-anonymous-access set to
"rootdse"), autodiscovery module failed to report success to the
client installer.

Remove faulty "verified_servers" flag from autodiscovery module as
it has no point since we consider both scenarios (IPA server with
anonymous access on and unknown LDAP server with anonymous access
off) as success.

https://fedorahosted.org/freeipa/ticket/3519
2013-03-20 09:22:10 +01:00
..
firefox Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
ipa-install Avoid multiple client discovery with fixed server list 2013-03-14 09:35:25 +01:00
ipaclient ipa-client discovery with anonymous access off 2013-03-20 09:22:10 +01:00
man Add support for re-enrolling hosts using keytab 2013-03-12 15:13:09 +01:00
AUTHORS Fix build from autoconf patch import. 0001-01-01 00:00:00 +00:00
config.c Fix coverity issues in client CLI tools 2011-11-23 00:30:41 -05:00
configure.ac Add configure check for libintl.h 2011-11-16 18:35:19 -05:00
ipa-client-common.c Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
ipa-client-common.h include <stdint.h> for uintptr_t 2011-09-22 09:42:11 -04:00
ipa-client.spec.in Fix versioning for configure.ac and ipa-python/setup.py 2008-08-11 18:31:05 -04:00
ipa-getkeytab.c Move some krb5 keys related functions from ipa-client to util 2012-06-11 12:04:05 +02:00
ipa-join.c Add support for re-enrolling hosts using keytab 2013-03-12 15:13:09 +01:00
ipa-rmkeytab.c Use indexed format specifiers in i18n strings 2012-04-10 18:07:10 -04:00
Makefile.am Add configure check for libintl.h 2011-11-16 18:35:19 -05:00
NEWS Fix build from autoconf patch import. 0001-01-01 00:00:00 +00:00
README Add a copy of the LICENSE and populate some README's 2008-01-23 10:30:18 -05:00
version.m4.in Fix versioning for configure.ac and ipa-python/setup.py 2008-08-11 18:31:05 -04:00

Code to be installed on any client that wants to be in an IPA domain.

Mostly consists of a tool for Linux systems that will help configure the
client so it will work properly in a kerberized environment.

It also includes several ways to configure Firefox to do single sign-on.

The two methods on the client side are:

1. globalsetup.sh. This modifies the global Firefox installation so that
   any profiles created will be pre-configured.

2. usersetup.sh. This will update a user's existing profile.

The downside of #1 is that an rpm -V will return a failure. It will also
need to be run with every update of Firefox.

One a profile contains the proper preferences it will be unaffected by
upgrades to Firefox. 

The downside of #2 is that every user would need to run this each time they
create a new profile.

There is a third, server-side method. See ipa-server/README for details.