freeipa/daemons
Alexander Bokovoy dc8f074cc7 trusts: add support for one-way shared secret trust
Refactor ipa-sam code to generate principals with additional POSIX
information so that FreeIPA is capable of establishing trust when using a
shared secret from the Active Directory domain controller side.

Trust verification process from Samba AD DC or Microsoft Windows AD DC
side requires us to have a working local TDO object with POSIX
attributes so that smbd would be able to map incoming authenticated
Kerberos principal for the TDO to a local POSIX account.

Note that FreeIPA stores TDO objects in a subtree of cn=trusts,$SUFFIX
and thus SSSD is not able to see these POSIX accounts unless
specifically instructed to do so via multiple search bases. The support
for automatically enabling cn=trusts,$SUFFIX search base in IPA server
mode was added to SSSD 1.16.3 and 2.1.0 with the commit
14faec9cd9

Fixes: https://pagure.io/freeipa/issue/6077
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2019-03-28 14:08:19 +01:00
dnssec Generate scripts from templates 2018-08-23 14:49:06 +02:00
ipa-kdb ipa-kdb: reduce LDAP operations timeout to 30 seconds 2018-11-16 16:54:38 -05:00
ipa-otpd Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
ipa-sam trusts: add support for one-way shared secret trust 2019-03-28 14:08:19 +01:00
ipa-slapi-plugins Coverity: fix issue in ipa_extdom_extop.c 2019-03-21 15:18:56 +01:00
ipa-version.h.in Build: move version handling from Makefile to configure 2016-11-09 13:08:32 +01:00
Makefile.am Build: properly integrate ipa-version.h.in into build system 2016-11-29 15:28:24 +01:00