freeipa/install
Jan Cholasta 9ea764ecf5 cacert manage: support PKINIT
Allow installing 3rd party CA certificates trusted to issue PKINIT KDC
and/or client certificates.

https://pagure.io/freeipa/issue/6831

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2017-05-19 12:31:24 +02:00
..
certmonger renew agent: get rid of virtual profiles 2017-05-15 12:14:28 +02:00
conf Bump version of ipa.conf file 2017-05-11 17:00:27 +02:00
html fix spelling mistake; minor rewording 2017-05-19 09:52:46 +02:00
migration Set explicit confdir option for global contexts 2016-12-02 09:14:35 +01:00
oddjob Add a new user to run the framework code 2017-02-15 07:13:37 +01:00
restart_scripts server install: fix KDC PKINIT configuration 2017-05-19 12:31:24 +02:00
share server install: fix KDC PKINIT configuration 2017-05-19 12:31:24 +02:00
tools cacert manage: support PKINIT 2017-05-19 12:31:24 +02:00
ui WebUI - Coverity: fix identical branches of if statement 2017-04-25 12:23:12 +02:00
updates compat plugin: Update link to slapi-nis project 2017-04-24 17:11:51 +02:00
wsgi Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
Makefile.am Configure HTTPD to work via Gss-Proxy 2017-02-15 07:13:37 +01:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.