freeipa/install
Pavel Vomacka ceedc3f7ec WebUI: Add support for login for AD users
After login, method user-find --whoami was called which cannot be
called for AD users. That method was replaced by ipa whoami command
and sequential command according to result of ipa whoami. AD user
can now be logged in.

AD users have new menu definition which contains only list of IPA
users and profile page of AD user - "User ID Override".

This commit also fixes several places where IPA.whoami object was
used, because its structure was also changed. It now contains two
objects. First one is stored in 'metadata' property and stores
result from ipa whoami (type of object, command which should be
called for showing detailed data about currently logged entity, etc).
The second one is stored in 'data' property which stores result of
_show command for currently logged entity.

https://pagure.io/freeipa/issue/3242

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2017-03-27 08:55:41 +02:00
..
certmonger Moving ipaCert from HTTPD_ALIAS_DIR 2017-03-01 09:43:41 +00:00
conf Increase Apache HTTPD's default keep alive timeout 2017-03-20 19:24:28 +01:00
html Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
migration Set explicit confdir option for global contexts 2016-12-02 09:14:35 +01:00
oddjob Add a new user to run the framework code 2017-02-15 07:13:37 +01:00
restart_scripts Moving ipaCert from HTTPD_ALIAS_DIR 2017-03-01 09:43:41 +00:00
share Support 8192-bit RSA keys in default cert profile 2017-03-22 12:29:23 +01:00
tools man ipa-cacert-manage install needs clarification 2017-03-22 10:13:56 +01:00
ui WebUI: Add support for login for AD users 2017-03-27 08:55:41 +02:00
updates Short name resolution: introduce the required schema 2017-03-14 18:37:10 +01:00
wsgi Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
Makefile.am Configure HTTPD to work via Gss-Proxy 2017-02-15 07:13:37 +01:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.