freeipa/install/share
Rob Crittenden d9efa728c5 Add LDAP attribute ipaCaHSMConfiguration to store HSM state
This will be used so that when a replica is created it can
configure the HSM without relying on the user to pass in
the same token, library name, etc.

Fixes: https://pagure.io/freeipa/issue/9273

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
2024-05-16 08:46:32 -04:00
..
advise Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
profiles Add SHA384withRSA as a certificate signing algorithm 2021-07-09 13:21:00 -04:00
schema.d Change FreeIPA references to IPA and Identity Management 2021-01-21 13:51:45 +01:00
05rfc2247.ldif Remove references to GPL v2.0 license 2015-02-20 15:40:42 +01:00
15rfc2307bis.ldif Add formerly update-only schema 2013-11-18 16:54:21 +01:00
15rfc4876.ldif Add formerly update-only schema 2013-11-18 16:54:21 +01:00
60basev2.ldif Implement LDAP bind grace period 389-ds plugin 2022-05-30 17:24:22 +03:00
60basev3.ldif LDAP schema: new attribute ipaautoprivategroups 2021-04-19 17:14:23 +02:00
60basev4.ldif passkeyconfig: require-user-verification is a boolean 2023-06-01 08:20:37 +02:00
60certificate-profiles.ldif Add LDAP attribute ipaCaHSMConfiguration to store HSM state 2024-05-16 08:46:32 -04:00
60ipaconfig.ldif Fix oid of ipaUserDefaultSubordinateId 2021-07-09 09:47:30 -04:00
60ipadns.ldif DNS: Support URI resource record type 2016-10-11 16:48:47 +02:00
60ipapk11.ldif DNSSEC: schema 2014-10-21 12:23:03 +02:00
60kerberos.ldif Add Authentication Indicator Kerberos ticket policy options 2019-11-21 11:13:12 -05:00
60samba.ldif Make schema files conform to new updater 2013-11-18 16:54:21 +01:00
61kerberos-ipav3.ldif IPA API changes to support RBCD 2023-04-05 14:55:22 -04:00
65ipacertstore.ldif Add LDAP schema for certificate store. 2014-07-30 16:04:21 +02:00
65ipasudo.ldif Update X-ORIGIN for 4.0 2014-07-01 13:57:06 +02:00
70ipaotp.ldif Revert "Make all ipatokenTOTP attributes mandatory" 2015-01-21 09:20:15 +01:00
70topology.ldif handle multiple managed suffixes 2015-10-15 14:24:33 +02:00
71idviews.ldif idviews: Add user certificate attribute to user ID overrides 2016-05-06 07:12:01 +02:00
72domainlevels.ldif Add Domain Level feature 2015-05-26 11:59:47 +00:00
73certmap.ldif Add altSecurityIdentities attribute from MS-WSPP schema definition 2019-07-17 17:50:07 +03:00
anon-princ-aci.ldif Use Anonymous user to obtain FAST armor ccache 2017-02-15 07:13:37 +01:00
automember.ldif 34 Create FreeIPA CLI Plugin for the 389 Auto Membership plugin 2011-08-31 09:49:43 +02:00
bind.ipa-ext.conf.template Overhaul bind upgrade process 2020-06-10 16:07:07 +02:00
bind.ipa-logging-ext.conf.template BIND: Setup logging 2021-05-25 10:45:49 +03:00
bind.ipa-options-ext.conf.template Overhaul bind upgrade process 2020-06-10 16:07:07 +02:00
bind.named.conf.template install: Fix missing dyndb keytab directive 2023-04-03 16:58:27 -04:00
bind.openssl.cnf.template named: Allow using of a custom OpenSSL engine for BIND 2020-08-31 09:42:31 +03:00
bind.openssl.cryptopolicy.cnf.template named: Include crypto policy in openssl config 2020-08-31 09:42:31 +03:00
bootstrap-template.ldif Fix ipa-server-upgrade 2021-07-09 09:47:30 -04:00
ca-topology.uldif Revert "upgrade: add replica bind DN group check interval to CA topology config" 2016-12-09 15:47:13 +01:00
certmap.conf.template Define template version in certmap.conf 2017-03-01 12:46:50 +01:00
custodia.conf.template Fix Custodia imports 2021-06-16 10:28:17 -04:00
default-aci.ldif Add group membership management 2019-11-11 09:31:14 +01:00
default-hbac.ldif Fix systemd-user HBAC rule 2019-01-15 14:29:22 -05:00
default-smb-group.ldif Change DNA magic value to -1 to make UID 999 usable 2013-03-11 17:07:07 +01:00
default-trust-view.ldif idviews: Add Default Trust View as part of adtrustinstall 2014-09-30 10:42:06 +02:00
delegation.ldif external-idp: add LDAP schema, indices and other LDAP objects 2022-05-10 15:52:41 +03:00
dna.ldif Update subordinate design doc 2022-06-10 14:50:07 +02:00
dns.ldif ACI: define "Read DNS entries from a zone" aci during install 2022-06-13 14:34:30 -04:00
dnssec.ldif DNSSEC: DNS key synchronization daemon 2014-10-21 12:23:03 +02:00
domainlevel.ldif Add Domain Level feature 2015-05-26 11:59:47 +00:00
ds-ipa-env.conf.template Set client keytab location for 389ds 2021-01-13 21:31:31 +02:00
ds-nfiles.ldif Autotune directory server to use a greater number of files 2010-11-22 12:42:16 -05:00
entryusn.ldif Address entryusn initialization on replica installation 2011-01-28 13:58:43 -05:00
freeipa-server.template Add a skeleton kdcpolicy plugin 2019-09-10 12:33:21 +03:00
gssapi.login Change session handling 2017-02-15 07:13:37 +01:00
gssproxy.conf.template gssproxy: Don't refresh expired delegated credentials 2021-06-12 11:19:25 +03:00
host_nis_groups.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
ipa-httpd-wsgi.conf.template Replace wsgi package conflict with config file 2018-02-09 08:28:11 +01:00
ipa-httpd.conf.template Require UTF-8 fs encoding 2017-11-21 16:13:28 +01:00
ipa-kdc-proxy.conf.template Better mod_wsgi configuration 2021-04-07 11:43:23 +03:00
ipa-pki-proxy.conf.template ipa-pki-proxy.conf: provide access to /kra/admin/kra/getStatus 2022-01-31 18:14:22 -05:00
ipa-rewrite.conf.template Allow Apache to answer to ipa-ca requests without a redirect 2020-12-02 14:05:36 +02:00
ipa.conf.template Better mod_wsgi configuration 2021-04-07 11:43:23 +03:00
ipaca_customize.ini Add support for Random Serial Numbers v3 2022-06-09 08:35:15 +02:00
ipaca_default.ini kra: set RSA-OAEP as default wrapping algo when FIPS is enabled 2024-01-30 10:18:02 -05:00
ipaca_softhsm2.ini Add pki.ini override option 2019-04-10 13:43:23 +02:00
ipakrb5.aug install: introduce generic Kerberos Augeas lens 2017-05-19 12:31:24 +02:00
kdc_extensions.template Add support for configuring KDC certs for PKINIT 2010-11-18 15:09:36 -05:00
kdc_req.conf.template Add support for configuring KDC certs for PKINIT 2010-11-18 15:09:36 -05:00
kdc.conf.template KRB instance: make provision to work with crypto policy without SHA-1 HMAC types 2022-03-08 12:54:47 +01:00
kdcproxy-disable.uldif Provide Kerberos over HTTP (MS-KKDCP) 2015-06-24 10:43:58 +02:00
kdcproxy-enable.uldif Provide Kerberos over HTTP (MS-KKDCP) 2015-06-24 10:43:58 +02:00
kdcproxy.conf Provide Kerberos over HTTP (MS-KKDCP) 2015-06-24 10:43:58 +02:00
kdcproxy.wsgi Replace hard-coded kdcproxy path with WSGI script 2017-04-12 13:05:23 +02:00
kerberos.ldif Set default LDAP password grace period to -1 2022-06-06 11:24:21 -04:00
krb5.conf.template Drop duplicate includedir from krb5.conf 2023-04-27 08:52:51 +02:00
krb5.ini.template Set master_kdc and dns_lookup_kdc to true 2012-09-19 20:47:12 -04:00
krb.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
krbrealm.con.template Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00
ldbm-tuning.ldif Fix nsslapd-db-lock tuning of BDB backend 2020-09-24 17:03:00 +02:00
Makefile.am Add basic support for subordinate user/group ids 2021-07-09 09:47:30 -04:00
managed-entries.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
master-entry.ldif Add Domain Level feature 2015-05-26 11:59:47 +00:00
memberof-conf.ldif Redesign subid feature 2021-07-09 09:47:30 -04:00
memberof-task.ldif Wait for memberof task and DS to start before proceeding in installation. 2011-04-22 11:43:50 +02:00
memcache-remove.uldif Change session handling 2017-02-15 07:13:37 +01:00
modrdn-krbprinc.ldif add krbCanonicalName to attributes watched by MODRDN plugin 2016-06-23 09:48:06 +02:00
nis-update.uldif Upgrade: Fix upgrade of NIS Server configuration 2016-01-11 09:45:54 +01:00
nis.uldif Enable transactions by default, make password and modrdn TXN-aware 2012-11-21 14:55:12 +01:00
opendnssec_conf.template Remove the <Interval> from opendnssec conf 2020-03-12 21:48:25 +01:00
opendnssec_kasp.template DNSSEC: update OpenDNSSEC KASP configuration 2015-05-19 12:50:56 +00:00
pki-acme-configsources.conf.template Add versions to the ACME config templates and update on upgrade 2021-02-15 09:57:07 +02:00
pki-acme-database.conf.template Add versions to the ACME config templates and update on upgrade 2021-02-15 09:57:07 +02:00
pki-acme-engine.conf.template Add versions to the ACME config templates and update on upgrade 2021-02-15 09:57:07 +02:00
pki-acme-issuer.conf.template Add versions to the ACME config templates and update on upgrade 2021-02-15 09:57:07 +02:00
pki-acme-realm.conf.template Add versions to the ACME config templates and update on upgrade 2021-02-15 09:57:07 +02:00
pw-logging-conf.ldif Switch nsslapd-unhashed-pw-switch to nolog 2019-05-24 12:42:51 +02:00
referint-conf.ldif Update referential integrity config for DS 1.3.3 2014-09-12 17:42:08 +02:00
replica-acis.ldif Update ACIs with the correct syntax 2020-05-04 20:49:23 +02:00
replica-automember.ldif 34 Create FreeIPA CLI Plugin for the 389 Auto Membership plugin 2011-08-31 09:49:43 +02:00
replica-prevent-time-skew.ldif ds: ignore time skew during initial replication step 2017-10-19 17:48:58 +03:00
repoint-managed-entries.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
sasl-mapping-fallback.ldif Enable SASL mapping fallback. 2013-06-27 17:06:51 +02:00
schema-update.ldif Fix nsslapdPlugin object class after initial replication. 2013-09-10 09:49:43 +02:00
smb.conf.empty Add trust management for Active Directory trusts 2012-06-07 09:39:09 +02:00
smb.conf.registry.template SMB: switch IPA domain controller role 2021-11-10 15:00:27 -05:00
smb.conf.template Write state dir to smb.conf 2020-07-30 11:38:25 +02:00
sudobind.ldif Create default disabled sudo bind user 2011-02-23 15:32:24 -05:00
topology-entries.ldif rename topology suffixes to "domain" and "ca" 2015-12-04 12:59:21 +01:00
unique-attributes.ldif Server Upgrade: Fix uniqueness plugins 2015-05-19 12:45:41 +00:00
user_private_groups.ldif Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
uuid.ldif DNSSEC: DNS key synchronization daemon 2014-10-21 12:23:03 +02:00
vault.ldif install: support KRA update 2015-09-17 14:55:54 +02:00
wsgi.py Improve wsgi app loading 2021-04-07 11:43:23 +03:00