Go to file
Rob Crittenden c08296adff Configure s4u2proxy during installation.
This creates a new container, cn=s4u2proxy,cn=etc,$SUFFIX

Within that container we control which services are allowed to
delegate tickets for other services. Right now that is limited
from the IPA HTTP to ldap services.

Requires a version of mod_auth_kerb that supports s4u2proxy

https://fedorahosted.org/freeipa/ticket/1098
2012-01-10 22:39:26 -05:00
.tx Add Transifex tx client configuration file 2011-03-07 16:05:33 -05:00
checks Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
contrib ticket 2022 - modify codebase to utilize IPALogManager, obsoletes logging 2011-11-23 09:36:18 +01:00
daemons ipa-cldap: Support clients asking for default domain 2012-01-05 09:38:04 -05:00
doc Rename included snippets to avoid problems with pylint 2011-11-22 17:04:03 +02:00
init Add support for systemd environments and use it to support Fedora 16 2011-10-24 15:10:11 +02:00
install Configure s4u2proxy during installation. 2012-01-10 22:39:26 -05:00
ipa-client Require an HTTP Referer header in the server. Send one in ipa tools. 2011-12-12 17:36:45 -05:00
ipalib Added policies into user details page. 2012-01-10 18:42:26 +01:00
ipapython User-add random password support 2011-12-12 00:17:07 -05:00
ipaserver Configure s4u2proxy during installation. 2012-01-10 22:39:26 -05:00
selinux daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
tests HBAC test optional sourcehost option 2012-01-09 08:49:10 +02:00
util Add missing copyright header 2011-11-17 16:15:24 -05:00
.bzrignore Added top-level tests/ package that will contain all unit tests 2008-10-07 20:36:44 -06:00
.gitignore daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
API.txt HBAC test optional sourcehost option 2012-01-09 08:49:10 +02:00
autogen.sh build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches 2010-11-29 11:39:55 -05:00
BUILD.txt Rename ipa.spec.in to freeipa.spec.in in BUILD.txt. 2011-02-10 17:52:43 -05:00
Contributors.txt Add Ondrej Hamada to Contributors.txt 2011-11-10 19:57:31 -05:00
COPYING Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
freeipa.spec.in Configure s4u2proxy during installation. 2012-01-10 22:39:26 -05:00
ipa Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
ipa-compliance.cron Add support for tracking and counting entitlements 2011-02-02 10:00:38 -05:00
ipa.1 daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
lite-server.py rename static to ui 2011-01-20 14:12:47 +00:00
make-doc This patch removes the existing UI functionality, as a prep for adding the Javascript based ui. 2010-07-29 10:44:56 -04:00
make-lint ticket 2172 - If "make rpms" fails so will the next make 2011-12-08 08:33:00 +01:00
make-test Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
make-testcert Make data type of certificates more obvious/predictable internally. 2011-06-21 19:09:50 -04:00
makeapi Finalize plugin initialization on demand. 2011-11-22 00:52:24 -05:00
Makefile Remove old RPMROOT contents before it is used for rpmbuild 2011-12-09 10:03:41 +01:00
MANIFEST.in Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
README Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup-client.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup.py Add plugin framework to LDAP updates. 2011-11-22 23:57:10 -05:00
TODO Parse comma-separated lists of values in all parameter types. This can be enabled for a specific parameter by setting the "csv" option to True. 2011-11-30 17:08:35 +01:00
VERSION HBAC test optional sourcehost option 2012-01-09 08:49:10 +02:00
version.m4.in Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Quick Start
  -----------

  To get started quickly, start here:
  <https://fedorahosted.org/freeipa/wiki/QuickStartGuide>

  Licensing
  ---------

  Please see the file called COPYING.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa