Go to file
Rob Crittenden ba59d9d648 Add support for User-Private Groups
This uses a new 389-ds plugin, Managed Entries, to automatically create
a group entry when a user is created. The DNA plugin ensures that the
group has a gidNumber that matches the users uidNumber. When the user is
removed the group is automatically removed as well.

If the managed entries plugin is not available or if a specific, separate
range for gidNumber is passed in at install time then User-Private Groups
will not be configured.

The code checking for the Managed Entries plugin may be removed at some
point. This is there because this plugin is only available in a 389-ds
alpha release currently (1.2.6-a4).
2010-07-06 15:39:34 -04:00
checks rebase dogtag clean-up patch 2009-12-09 01:57:08 -07:00
contrib Replace /etc/ipa/ipa.conf with /etc/ipa/default.conf 2009-12-01 09:11:23 -07:00
daemons Include missing file from version plugin and update min version of 389-ds 2010-06-24 17:29:31 -04:00
doc/examples Add file with example plugins/tutorial. 2010-04-27 16:33:08 -04:00
install Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
ipa-client Retrieve the CA certificate before starting enrollment. 2010-06-21 09:52:15 -04:00
ipa-radius-admintools Rework config.py and change cli tools. Maintain order of IPA servers from command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234 2008-09-11 23:34:01 +02:00
ipa-radius-server Fix versioning for configure.ac and ipa-python/setup.py 2008-08-11 18:31:05 -04:00
ipalib Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
ipapython use NSS for SSL operations 2010-06-15 15:03:36 -04:00
ipaserver Add support for User-Private Groups 2010-07-06 15:39:34 -04:00
ipawebui Consolidate to single WSGI entry point 2010-03-01 20:21:38 -07:00
selinux Move the dogtag SELinux rules loading into the spec file 2010-05-27 10:50:13 -04:00
tests Fix aci_mod command. It should handle more complex operations now. 2010-06-24 10:26:08 -04:00
.bzrignore Added top-level tests/ package that will contain all unit tests 2008-10-07 20:36:44 -06:00
.gitignore Add build to .gitignore 2008-10-23 10:37:16 -04:00
autogen.sh Add support for building internationalized translations. 2010-02-09 22:07:18 -05:00
Contributors.txt Add Ukrainian translations 2010-03-16 13:59:48 -04:00
ipa Started reworking CLI class into cli plugin 2009-02-03 15:29:03 -05:00
ipa.1 Connect the -v cli argument to the verbose flag in xmlrpclib 2010-06-03 17:08:22 -04:00
ipa.spec.in Include missing file from version plugin and update min version of 389-ds 2010-06-24 17:29:31 -04:00
LICENSE Added GPL v2 in LICENSE file 2008-10-14 16:51:04 -06:00
lite-server.py Consolidate to single WSGI entry point 2010-03-01 20:21:38 -07:00
make-doc Renamed all references to 'ipa_webui' to 'ipawebui' 2009-01-04 19:45:53 -07:00
make-test Added Fuzzy docstrings; make-test now runs doctests in tests/*; fixed 'existant' mispelling 2009-12-18 10:56:13 -05:00
Makefile Replication version checking. 2010-06-24 10:33:53 -04:00
MANIFEST.in Giant webui patch take 2 2009-10-13 11:28:00 -06:00
README Add a copy of the LICENSE and populate some README's 2008-01-23 10:30:18 -05:00
setup-client.py Add a separate client-only target 2009-10-17 22:56:47 -06:00
setup.py Add ipa man page. 2010-04-07 08:59:04 -04:00
TODO Updated TODO based on discussion between Rob, Pavel, and Jason; put TODO in reStructuredText style formatting 2009-05-19 09:55:34 -04:00
VERSION Replication version checking. 2010-06-24 10:33:53 -04:00
version.m4.in Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Licensing
  ---------

  Please see the file called LICENSE.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa