freeipa/install/share
Alexander Bokovoy ad6480f845 schema-compat: set precedence to 49 to allow OTP binds over compat tree
schema-compat plugin rewrites bind DN to point to the original entry
on LDAP bind operation. To work with OTP tokens this requires that
schema-compat's pre-bind callback is called before pre-bind callback of
the ipa-pwd-extop plugin. Therefore, schema-compat plugin should have
a nsslapd-pluginprecedence value lower than (default) 50 which is used
by the ipa-pwd-extop plugin.

Note that this will only work if ticket 47699 is fixed in 389-ds.

Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
2014-04-04 08:45:43 +02:00
..
advise Add ipa-advise plugins for nss-pam-ldapd legacy clients 2013-10-18 16:15:12 +02:00
05rfc2247.ldif Make schema files conform to new updater 2013-11-18 16:54:21 +01:00
15rfc2307bis.ldif Add formerly update-only schema 2013-11-18 16:54:21 +01:00
15rfc4876.ldif Add formerly update-only schema 2013-11-18 16:54:21 +01:00
60basev2.ldif Make schema files conform to new updater 2013-11-18 16:54:21 +01:00
60basev3.ldif permissions: Use multivalued targetfilter 2014-02-20 13:11:41 +01:00
60ipaconfig.ldif Unify capitalization of attribute names in schema files 2013-11-18 16:54:22 +01:00
60ipadns.ldif Make schema files conform to new updater 2013-11-18 16:54:21 +01:00
60kerberos.ldif Add support for account unlocking 2011-01-28 10:23:02 -05:00
60policyv2.ldif Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
60samba.ldif Make schema files conform to new updater 2013-11-18 16:54:21 +01:00
61kerberos-ipav3.ldif Perform case-insensitive searches for principals on TGS requests 2012-06-07 09:39:10 +02:00
65ipasudo.ldif Unify capitalization of attribute names in schema files 2013-11-18 16:54:22 +01:00
70ipaotp.ldif Make all ipatokenTOTP attributes mandatory 2014-02-21 16:07:39 +01:00
anonymous-vlv.ldif Let anonymous users browse the VLV index 2009-07-10 16:45:45 -04:00
automember.ldif 34 Create FreeIPA CLI Plugin for the 389 Auto Membership plugin 2011-08-31 09:49:43 +02:00
bind.named.conf.template Remove --no-serial-autoincrement 2013-10-11 09:47:59 +02:00
bind.zone.db.template Use A/AAAA records instead of CNAME records in ipa-ca. 2013-04-15 21:12:36 +02:00
bootstrap-template.ldif Remove entitlement support 2013-06-26 14:11:42 +02:00
caJarSigningCert.cfg.template Add signing profile to CA installation so we can sign the firefox jar file. 2009-05-04 16:54:42 -04:00
certmap.conf.template Fix selected minor issues in the spec file and license 2013-08-13 15:31:46 +02:00
copy-schema-to-ca.py Use /usr/bin/python2 2014-01-03 09:46:05 +01:00
default-aci.ldif Add HOTP support 2014-02-21 10:26:02 +01:00
default-hbac.ldif Remove sourcehostcategory from the default HBAC rule. 2014-02-06 16:46:24 +01:00
default-smb-group.ldif Change DNA magic value to -1 to make UID 999 usable 2013-03-11 17:07:07 +01:00
delegation.ldif Remove entitlement support 2013-06-26 14:11:42 +02:00
disable-betxn.ldif Explicitly disable betxn plugins for the time being. 2012-10-10 20:24:10 -04:00
dna.ldif Change DNA magic value to -1 to make UID 999 usable 2013-03-11 17:07:07 +01:00
dns.ldif Per-domain DNS record permissions 2012-06-28 15:21:21 +02:00
ds-nfiles.ldif Autotune directory server to use a greater number of files 2010-11-22 12:42:16 -05:00
encrypted_attribute.ldif Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
entryusn.ldif Address entryusn initialization on replica installation 2011-01-28 13:58:43 -05:00
fedora-ds.init.patch Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
host_nis_groups.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
indices.ldif Add missing equality index for ipaUniqueId. 2013-07-11 12:39:26 +03:00
kdc_extensions.template Add support for configuring KDC certs for PKINIT 2010-11-18 15:09:36 -05:00
kdc_req.conf.template Add support for configuring KDC certs for PKINIT 2010-11-18 15:09:36 -05:00
kdc.conf.template ipa-kdb: Change install to use the new ipa-kdb kdc backend 2011-08-26 08:24:50 -04:00
kerberos.ldif Add Camellia ciphers to allowed list. 2013-07-18 10:49:38 +03:00
key_escrow_schema.ldif Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
krb5.conf.template Allow kernel keyring CCACHE when supported 2013-12-09 12:21:22 +01:00
krb5.ini.template Set master_kdc and dns_lookup_kdc to true 2012-09-19 20:47:12 -04:00
krb.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
krb.js.template Build and installation of Kerberos authentication extension 2012-10-04 18:08:04 -04:00
krbrealm.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
ldapi.ldif Enable ldapi connections in the management framework. 2009-08-27 13:36:58 -04:00
Makefile.am Use LDAP API to upload CA certificate instead of ldapmodify command. 2014-03-25 16:54:54 +01:00
managed-entries.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
master-entry.ldif Use FQDN in place of FQHN for consistency in sub_dict. 2012-02-15 20:27:34 -05:00
memberof-conf.ldif Display user and host membership in netgroups. 2010-11-24 08:38:41 -05:00
memberof-task.ldif Wait for memberof task and DS to start before proceeding in installation. 2011-04-22 11:43:50 +02:00
modrdn-krbprinc.ldif The precendence on the modrdn plugin was set in the wrong location. 2011-09-13 17:36:59 +02:00
nis.uldif Enable transactions by default, make password and modrdn TXN-aware 2012-11-21 14:55:12 +01:00
preferences.html.template Set network.http.sendRefererHeader to 2 on browser config 2012-06-22 10:44:45 +02:00
referint-conf.ldif Expand Referential Integrity checks 2012-09-16 17:59:27 -04:00
replica-acis.ldif Extend ipa-replica-manage to be able to manage DNA ranges. 2013-03-13 10:32:36 -04:00
replica-automember.ldif 34 Create FreeIPA CLI Plugin for the 389 Auto Membership plugin 2011-08-31 09:49:43 +02:00
replica-s4u2proxy.ldif Add cifs principal to S4U2Proxy targets only when running ipa-adtrust-install 2012-10-09 18:15:01 -04:00
repoint-managed-entries.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
root-autobind.ldif Remove root autobind search restriction, fix upgrade logging & error handling. 2011-06-13 09:51:05 +02:00
sasl-mapping-fallback.ldif Enable SASL mapping fallback. 2013-06-27 17:06:51 +02:00
schema_compat.uldif schema-compat: set precedence to 49 to allow OTP binds over compat tree 2014-04-04 08:45:43 +02:00
schema-update.ldif Fix nsslapdPlugin object class after initial replication. 2013-09-10 09:49:43 +02:00
smb.conf.empty Add trust management for Active Directory trusts 2012-06-07 09:39:09 +02:00
smb.conf.template ipa-adtrust-install: configure host netbios name by default 2014-01-20 10:35:03 +01:00
sudobind.ldif Create default disabled sudo bind user 2011-02-23 15:32:24 -05:00
unique-attributes.ldif Add uniqueness plugin configuration for sudorule cn 2012-10-08 18:32:41 -04:00
user_private_groups.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
uuid-ipauniqueid.ldif UUIDs: remove uuid python plugin and let DS always autogenerate 2010-10-28 07:58:31 -04:00
wsgi.py Tweak the session auth to reflect developer consensus. 2012-02-27 05:54:29 -05:00