Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch adds support for new config options krb5_backup_server and
krb5_backup_kpasswd. The description of this option's functionality
is included in man page in one of previous patches.
|
|
https://fedorahosted.org/sssd/ticket/957
|
|
|
|
|
|
|
|
|
|
|
|
|
|
For the time being, if krb5_server is not found, still falls back to
krb5_kdcip with a warning. If both options are present in config file,
krb5_server has a higher priority.
Fixes: #543
|
|
Fixes: #531
|
|
If the configuration option krb5_store_password_if_offline is set to
true and the backend is offline the plain text user password is stored
and used to request a TGT if the backend becomes online. If available
the Linux kernel key retention service is used.
|
|
* add forgotten ldap_dns_service option
* sync IPA and LDAP options (ldap_pwd_policy and ldap_tls_cacertdir)
* ldap_uri is no longer mandatory for LDAP provider - the default is to
use service discovery with no address set now. Ditto for krb5_kdcip
and ipa_server
|
|
Previously, the option krb5_kpasswd was only available if
'chpass_provider = krb5' was specified explicitly. Now it will be
available also if 'auth_provider = krb5'.
This option was also missing from the IPA options, so I have added
it there as well
|
|
|
|
Also update BUILD.txt
|