summaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2013-06-27Handle too many results from getnetgr.Lukas Slebodnik1-1/+13
2013-06-27SSH: Update known_hosts file after unsuccessful requests as well.Jan Cholasta1-20/+36
2013-06-27SSH: When host is removed from LDAP, remove it from the cache as wellJan Cholasta1-1/+8
2013-06-27Add missing argument to DEBUG messageLukas Slebodnik1-1/+1
2013-06-27Fix compilation warningJakub Hrozek1-1/+1
2013-06-27AD: Write out domain-realm mappingsJakub Hrozek7-189/+197
2013-06-27KRB5: guess UPN for subdomain usersJakub Hrozek7-18/+43
2013-06-27sudo responder: use different callback for oob refreshPavel Březina1-6/+8
2013-06-26AD: kinit with the local DC even when talking to a GCJakub Hrozek2-4/+21
2013-06-26Use forest for GC SRV lookupsSumit Bose1-12/+40
2013-06-26Do not switch to credentials everytime.Lukas Slebodnik1-4/+69
2013-06-26Every time return directory for krb5 cache collection.Lukas Slebodnik2-4/+64
2013-06-26Fix wrong detection of krb5 ccnameLukas Slebodnik1-1/+4
2013-06-26Revert "Implicitly activate the PAC responder for AD provider"Sumit Bose1-2/+1
2013-06-25fix dead code in fail_over_srv.cPavel Březina1-11/+12
2013-06-25init script: source /etc/sysconfig/sssdPavel Březina4-0/+19
2013-06-25krb5: do not use enterprise principals for renewalsSumit Bose1-1/+6
2013-06-25krb5: do not send pac for IPA users from the local domainSumit Bose5-10/+20
2013-06-25Revert "Always send the PAC to the PAC responder"Sumit Bose1-18/+20
2013-06-24Fix typo in pack_authtok()Sumit Bose1-1/+1
2013-06-24KRB5: use the right authtok type for renewalsSumit Bose1-3/+20
2013-06-24IPA: Do not download or store the member attribute of host groupsJakub Hrozek2-2/+0
2013-06-24PAC: do not delete originalDN or cached password if presentSumit Bose1-1/+26
2013-06-24LDAP: Retry SID search based on result of LDAP search, not the return codeJakub Hrozek1-2/+13
2013-06-21failover: if expanded server is marked as neutral, invoke srv collapsePavel Březina1-0/+7
2013-06-21collapse_srv_lookup may free the server, make it clear from the APIPavel Březina1-6/+9
2013-06-21failover: return error when SRV lookup returned only duplicatesPavel Březina3-2/+23
2013-06-21failover: do not return invalid pointer when server is already presentPavel Březina1-2/+6
2013-06-21Configure SYSV init scripts properlyStephen Gallagher4-10/+10
2013-06-21FO: Check the return value of send_fnJakub Hrozek1-0/+4
2013-06-21Fix dp_copy_optionsJakub Hrozek1-1/+1
2013-06-20Removing BUILD.txt contentAriel Barria1-71/+5
2013-06-19PAC: do not expect that sysdb_search_object_by_sid() return ENOENTSumit Bose1-8/+8
2013-06-18nested groups: do not expect any particular number of groupsPavel Březina1-19/+10
2013-06-18nested groups: do not return ENOMEM if num_groups is 0Pavel Březina1-6/+10
2013-06-17Set default realm for enterprise principalsSumit Bose1-0/+12
2013-06-17Use principal from the ticket to find validation entrySumit Bose1-1/+1
2013-06-17handle ERR_ACCOUNT_EXPIRED properlyPavel Březina3-1/+13
2013-06-17Fix allocation checkJakub Hrozek1-1/+1
2013-06-17nested groups: allocate more space if deref returns more membersPavel Březina1-0/+21
2013-06-16rpm: couple of small fixesJakub Hrozek1-0/+7
2013-06-16subdomains: touch krb5.conf when creating new domain-realm mappingsPavel Březina5-0/+47
2013-06-14AD: Remove ad_options->auth options referenceJakub Hrozek1-1/+0
2013-06-14AD: Fix segfault in DEBUG messageJakub Hrozek1-1/+1
2013-06-14KRB: Handle preauthentication error correctlyOndrej Kos4-1/+11
2013-06-14failover: set state->out when meta server remains in SRV_RESOLVE_ERRORPavel Březina1-0/+1
2013-06-12Fix minor typosYuri Chornoivan5-6/+6
2013-06-12Use the correct talloc context when creating AD subdomainsJakub Hrozek1-1/+1
2013-06-12be_refresh: send and recv shadow a global declarationPavel Březina2-13/+13
2013-06-12be_ptask: send and recv shadow a global declarationPavel Březina2-11/+11