summaryrefslogtreecommitdiff
path: root/source4/setup/secrets.ldif
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11218: Always return the mutual authentication reply (needed for kpasswd),Andrew Bartlett1-0/+1
and remove now duplicated unwrap_pac(). Andrew Bartlett (This used to be commit 90642d54e02e09edc96b9498e66befda20dbb68d)
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett1-0/+13
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r10916: - finished the 'operational' ldb moduleAndrew Tridgell1-1/+1
- removed the timestamps module, replacing it with the operational module - added a ldb_msg_copy_shallow() function which should be used when a module wants to add new elements to a message on add/modify. This is needed because the caller might be using a constant structure, or may want to re-use the structure again - enabled the UTC time attribute syntaxes in the operational module (This used to be commit 61e8b010223ac6a0573185008f3719ba29574688)
2007-10-10r10855: Put the domain SID in secrets.ldb by default, and add http as aAndrew Bartlett1-0/+1
default SPN alias. Andrew Bartlett (This used to be commit e4fe5802dae544f4dabf0c6d04a55be1144d8820)
2007-10-10r8999: Use the timestamps module to ensure we update times.Andrew Bartlett1-0/+5
Andrew Bartlett (This used to be commit e6abd9f70449e9c5716cd36565442873bdc7d44c)
2007-10-10r8158: - use the timestring for the serial number of the bind zone fileStefan Metzmacher1-1/+1
- add --krbtgtpass and --machinepass options, with them you can easy set them to default values for testing so that you don't need to setup a new keytab file when you rerun provision.pl metze (This used to be commit cfb72455970c182aaba67bf9cf9775a854f143ff)
2007-10-10r7988: Store the KVNO for the machine account, and set it up in the provision.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
2007-10-10r6698: Our domain join code requires that the secureChannelType be set. TypeAndrew Bartlett1-0/+1
6 is BDC, which is correct for a self-join. Andrew Bartlett (This used to be commit cd61ff80f886bcb4a8c6b681879ee269604e98f3)
2007-10-10r6207: - clean up source topdirStefan Metzmacher1-0/+30
- move provision stuff to setup/ - remove unused scripts metze (This used to be commit c35887ca649675f28ca986713a08082420418d74)
generated by cgit (git 2.34.1) at 2024-08-12 00:42:55 +0000