mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-11 08:41:55 -06:00
973e0c04e4
First part of the required changes to merge a plugin to manage IPA as a trusted Active Directory user. It is not possible to omit ID view in IPA API but a client might specify empty ID view. Up right now the empty view was considered an error. This prevented Web UI from resolving ID overrides in a group member adder dialog. Default to 'Default Trust View' if the ID view is None or empty string (''). Do this only for user ID overrides, as we do not support adding group ID overrides as group members in a plugin to manage IPA as a trusted Active Directory user[1]. Being a group member means an object in LDAP must have an object class that allows 'memberOf' attribute because 389-ds 'memberof' plugin will attempt to link back to the object from the group. Allow use of 'nsMemberOf' object class in ID overrides. Fixes: https://pagure.io/freeipa/issue/7255 [1] https://github.com/abbra/freeipa-adusers-admins Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> |
||
---|---|---|
.. | ||
advise | ||
dnssec | ||
install | ||
plugins | ||
secrets | ||
__init__.py | ||
dcerpc_common.py | ||
dcerpc.py | ||
dns_data_management.py | ||
Makefile.am | ||
masters.py | ||
p11helper.py | ||
rpcserver.py | ||
servroles.py | ||
setup.cfg | ||
setup.py | ||
topology.py |