Go to file
Endi S. Dewata edfe95b120 Removed hard-coded default profile subsystem class name
Previously in order to enable the LDAP profile subsystem
the ca_enable_ldap_profile_subsystem() would check the
current value of the profile subsystem class parameter in
CS.cfg. If the parameter was still set to the default value
(i.e. ProfileSubsystem), the code would change it to
LDAPProfileSubsystem.

There is a effort in PKI to clean up the profile subsystem
classes which may require changing the default value for
this parameter. However, this improvement is blocked since
the ca_enable_ldap_profile_subsystem() is implicitly assuming
that the default value will always be ProfileSubsystem.

This patch modifies the code such that instead of checking
for a specific value that needs to be changed, it will check
whether it has the desired value already. This mechanism
will reduce potential conflicts with future PKI improvements.

Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
2020-02-04 19:34:26 +11:00
.copr Adding auto COPR builds 2019-12-14 14:20:34 +02:00
asn1 fix minor spelling mistakes 2017-05-19 09:52:46 +02:00
client Print LDAP diagnostic messages on error 2020-01-17 15:47:00 +01:00
contrib lite-setup: configure lite-server test env 2020-01-24 08:35:47 -05:00
daemons Fix legacy S4U2Proxy in DAL v8 support 2020-02-01 10:05:46 +02:00
doc DSU: add Design for Disable Stale Users 2019-11-23 00:12:24 +01:00
init Move ipa's systemd tmpfiles from /var/run to /run 2018-10-15 10:04:33 +02:00
install Do not renew externally-signed CA as self-signed 2020-01-29 21:47:14 +11:00
ipaclient ipa-certupdate removes all CA certs from db before adding new ones 2020-01-28 13:05:31 -05:00
ipalib Do not renew externally-signed CA as self-signed 2020-01-29 21:47:14 +11:00
ipaplatform travis: Remove CI integration 2019-12-02 16:39:01 -03:00
ipapython DNS install check: allow overlapping zone to be from the master itself 2019-12-12 18:24:44 +01:00
ipaserver Removed hard-coded default profile subsystem class name 2020-02-04 19:34:26 +11:00
ipatests After mounting "Unspecified GSS failure" should not be in logs. 2020-02-04 07:57:43 +01:00
po Update translations 2019-11-12 17:08:43 +02:00
pypi Cleanup shebang and executable bit 2018-07-05 19:46:42 +02:00
util Print LDAP diagnostic messages on error 2020-01-17 15:47:00 +01:00
.freeipa-pr-ci.yaml Making nigthly test definition editable by FreeIPA's contributors 2018-07-27 09:50:06 +02:00
.git-commit-template git-commit-template: update ticket url to use pagure.io instead of fedorahosted.org 2017-03-28 13:10:08 +02:00
.gitignore ipa-client-samba: a tool to configure Samba domain member on IPA client 2019-06-29 11:00:28 +03:00
.lgtm.yml Improve Python configuration for LGTM 2018-10-26 18:04:23 +02:00
.mailmap Update mailmap 2019-04-24 09:47:31 +02:00
.tox-install.sh Avoid use of '/tmp' for pip operations 2019-07-16 13:23:21 +03:00
.wheelconstraints.in Use pylint 1.7.5 with fix for bad python3 import 2017-12-19 13:28:06 +01:00
ACI.txt Add Authentication Indicator Kerberos ticket policy options 2019-11-21 11:13:12 -05:00
API.txt Add Authentication Indicator Kerberos ticket policy options 2019-11-21 11:13:12 -05:00
autogen.sh build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches 2010-11-29 11:39:55 -05:00
BUILD.txt Add new tip for dependencies 2019-10-02 15:29:08 +02:00
CODE_OF_CONDUCT.md Changing Django's CoC to reflect FreeIPA CoC 2018-03-26 09:51:25 +02:00
configure.ac Add a skeleton kdcpolicy plugin 2019-09-10 12:33:21 +03:00
Contributors.txt Update contributors 2019-11-12 20:49:18 +02:00
COPYING Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
COPYING.openssl Add a clear OpenSSL exception. 2015-02-23 16:25:54 +01:00
freeipa.doap.rdf Adding modified DOAP file 2018-06-22 11:02:40 -04:00
freeipa.spec.in Support DAL version 8.0 2020-01-31 14:36:31 +01:00
ipa.in Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
ipasetup.py.in Address inconsistent-return-statements 2018-11-13 13:37:58 +01:00
make-doc Make an ipa-tests package 2013-06-17 19:22:50 +02:00
make-test Use pytest conftest.py and drop pytest.ini 2017-01-05 17:37:02 +01:00
makeaci.in Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
makeapi.in Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
Makefile.am travis: Remove CI integration 2019-12-02 16:39:01 -03:00
Makefile.python.am Add PYTHON_INSTALL_EXTRA_OPTIONS and --install-layout=deb 2017-03-15 13:48:23 +01:00
Makefile.pythonscripts.am ipa-scripts: fix all ipa command line scripts to operate with -I 2019-09-19 10:44:09 -04:00
makerpms.sh Fix unnecessary usrmerge assumptions 2019-04-17 13:56:05 +02:00
pylint_plugins.py Test installation with (fake) userspace FIPS 2019-11-14 16:01:15 +01:00
pylintrc Fix errors found by Pylint-2.4.3 2019-10-21 18:01:32 +11:00
README.md README: Update link to freeipa-devel archive 2019-03-20 17:32:43 +01:00
server.m4 Add a skeleton kdcpolicy plugin 2019-09-10 12:33:21 +03:00
tox.ini Avoid use of '/tmp' for pip operations 2019-07-16 13:23:21 +03:00
VERSION.m4 Add group membership management 2019-11-11 09:31:14 +01:00
zanata.xml Zanata: exlude testing ipa.pot file 2016-11-21 14:47:47 +01:00

FreeIPA Server

FreeIPA allows Linux administrators to centrally manage identity, authentication and access control aspects of Linux and UNIX systems by providing simple to install and use command line and web based management tools.

FreeIPA is built on top of well known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks.

FreeIPA can seamlessly integrate into an Active Directory environment via cross-realm Kerberos trust or user synchronization.

Benefits

FreeIPA:

  • Allows all your users to access all the machines with the same credentials and security settings
  • Allows users to access personal files transparently from any machine in an authenticated and secure way
  • Uses an advanced grouping mechanism to restrict network access to services and files only to specific users
  • Allows central management of security mechanisms like passwords, SSH Public Keys, SUDO rules, Keytabs, Access Control Rules
  • Enables delegation of selected administrative tasks to other power users
  • Integrates into Active Directory environments

Components

The FreeIPA project provides unified installation and management tools for the following components:

Project Website

Releases, announcements and other information can be found on the IPA server project page at http://www.freeipa.org/ .

Documentation

The most up-to-date documentation can be found at http://freeipa.org/page/Documentation .

Quick Start

To get started quickly, start here: http://www.freeipa.org/page/Quick_Start_Guide

For developers

Licensing

Please see the file called COPYING.

Contacts