freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00

Go to file

Rob Crittenden e4470f8165 User-defined certificate subjects Let the user, upon installation, set the certificate subject base for the dogtag CA. Certificate requests will automatically be given this subject base, regardless of what is in the CSR. The selfsign plugin does not currently support this dynamic name re-assignment and will reject any incoming requests that don't conform to the subject base. The certificate subject base is stored in cn=ipaconfig but it does NOT dynamically update the configuration, for dogtag at least. The file /var/lib/pki-ca/profiles/ca/caIPAserviceCert.cfg would need to be updated and pki-cad restarted.		2010-01-20 17:24:01 -05:00
checks	rebase dogtag clean-up patch	2009-12-09 01:57:08 -07:00
contrib	Replace /etc/ipa/ipa.conf with /etc/ipa/default.conf	2009-12-01 09:11:23 -07:00
daemons	Add BIND pre-op for DS->IPA password migration to ipa-pwd-extop DS plugin.	2010-01-20 16:53:51 -05:00
doc/examples	Fleshed out krb plugin and added example of scripting against Python API	2009-08-31 15:47:14 -06:00
install	User-defined certificate subjects	2010-01-20 17:24:01 -05:00
ipa-client	Stop looking when removing entries from a keytab.	2010-01-20 17:02:50 -05:00
ipa-radius-admintools	Rework config.py and change cli tools. Maintain order of IPA servers from command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234	2008-09-11 23:34:01 +02:00
ipa-radius-server	Fix versioning for configure.ac and ipa-python/setup.py	2008-08-11 18:31:05 -04:00
ipalib	User-defined certificate subjects	2010-01-20 17:24:01 -05:00
ipapython	Replace /etc/ipa/ipa.conf with /etc/ipa/default.conf	2009-12-01 09:11:23 -07:00
ipaserver	User-defined certificate subjects	2010-01-20 17:24:01 -05:00
ipawebui	Take 2: Extensible return values and validation; steps toward a single output_for_cli(); enable more webUI stuff	2009-12-10 08:29:15 -07:00
selinux	Set the context of files needed by the selfsign CA so Apache can write them	2009-12-16 19:26:40 -07:00
tests	Fix backend.Executioner unit test.	2010-01-13 13:39:50 -05:00
.bzrignore	Added top-level tests/ package that will contain all unit tests	2008-10-07 20:36:44 -06:00
.gitignore	Add build to .gitignore	2008-10-23 10:37:16 -04:00
autogen.sh	Complete consolidation into a single autogen.sh	2009-02-04 09:04:26 -05:00
ipa	Started reworking CLI class into cli plugin	2009-02-03 15:29:03 -05:00
ipa.spec.in	Add DS migration plugin and password migration page.	2010-01-20 16:54:17 -05:00
LICENSE	Added GPL v2 in LICENSE file	2008-10-14 16:51:04 -06:00
lite-server.py	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
make-doc	Renamed all references to 'ipa_webui' to 'ipawebui'	2009-01-04 19:45:53 -07:00
make-test	Added Fuzzy docstrings; make-test now runs doctests in tests/*; fixed 'existant' mispelling	2009-12-18 10:56:13 -05:00
Makefile	Add a separate client-only target	2009-10-17 22:56:47 -06:00
MANIFEST.in	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
README	Add a copy of the LICENSE and populate some README's	2008-01-23 10:30:18 -05:00
setup-client.py	Add a separate client-only target	2009-10-17 22:56:47 -06:00
setup.py	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
TODO	Updated TODO based on discussion between Rob, Pavel, and Jason; put TODO in reStructuredText style formatting	2009-05-19 09:55:34 -04:00
VERSION	Back down to version 1.9.0 in preparation for release of first alpha.	2009-10-26 13:55:01 -04:00
version.m4.in	Mass tree reorganization for IPAv2. To view previous history of files use:	2009-02-03 15:27:14 -05:00

README

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Licensing
  ---------

  Please see the file called LICENSE.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa