Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-11-23 | Added and modified options for IPA netgroups | Jan Zeleny | 1 | -0/+22 | |
2011-11-10 | Fix typos in manual pages | Yuri Chornoivan | 1 | -1/+1 | |
2011-11-02 | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 1 | -0/+15 | |
https://fedorahosted.org/sssd/ticket/957 | |||||
2011-11-02 | LDAP: Update manpages with multiple search base information | Stephen Gallagher | 1 | -1/+56 | |
2011-10-13 | man page fix (lists are comma-separated) | Jan Zeleny | 1 | -2/+2 | |
https://fedorahosted.org/sssd/ticket/1024 | |||||
2011-09-06 | Allow turning dereference off by setting the threshold to 0 | Jakub Hrozek | 1 | -0/+4 | |
2011-08-26 | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 1 | -0/+14 | |
https://fedorahosted.org/sssd/ticket/978 | |||||
2011-07-08 | Add LDAP access control based on NDS attributes | Sumit Bose | 1 | -0/+50 | |
2011-05-31 | Changing default to Default for consistency | Kaushik Banerjee | 1 | -1/+1 | |
2011-05-27 | Add more detail to ldap_uri manpage entry | Stephen Gallagher | 1 | -1/+13 | |
2011-05-24 | Make "password" the default for ldap_default_authtok_type | Stephen Gallagher | 1 | -0/+3 | |
2011-05-20 | Use dereference when processing RFC2307bis nested groups | Jakub Hrozek | 1 | -0/+23 | |
Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799 | |||||
2011-04-27 | Add ldap_page_size configuration option | Stephen Gallagher | 1 | -0/+14 | |
2011-04-19 | Add user and group search LDAP filter options | Jakub Hrozek | 1 | -0/+37 | |
https://fedorahosted.org/sssd/ticket/647 | |||||
2011-03-24 | Add host access control support | Pierre Ossman | 1 | -0/+24 | |
https://fedorahosted.org/sssd/ticket/746 | |||||
2011-01-20 | Add ldap_tls_{cert,key,cipher_suite} config options | Tyson Whitehead | 1 | -0/+41 | |
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | |||||
2011-01-19 | Add LDAP expire policy base RHDS/IPA attribute | Sumit Bose | 1 | -0/+20 | |
The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked. | |||||
2011-01-19 | Add LDAP expire policy based on AD attributes | Sumit Bose | 1 | -0/+35 | |
The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired. | |||||
2011-01-17 | Add ldap_search_enumeration_timeout config option | Sumit Bose | 1 | -5/+23 | |
2010-12-21 | Add authorizedService support | Stephen Gallagher | 1 | -0/+26 | |
https://fedorahosted.org/sssd/ticket/670 | |||||
2010-12-07 | Replace krb5_kdcip by krb5_server in LDAP provider | Sumit Bose | 1 | -1/+7 | |
2010-12-06 | Add ldap_chpass_uri config option | Sumit Bose | 1 | -0/+34 | |
2010-12-06 | Add new account expired rule to LDAP access provider | Sumit Bose | 1 | -1/+54 | |
Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute. | |||||
2010-12-01 | Allow protocol fallback for SRV queries | Jakub Hrozek | 1 | -0/+5 | |
https://fedorahosted.org/sssd/ticket/691 | |||||
2010-11-19 | Fix man page | Sumit Bose | 1 | -2/+2 | |
Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication. | |||||
2010-11-15 | Properly document ldap_purge_cache_timeout | Stephen Gallagher | 1 | -0/+19 | |
Also allow it to be disabled entirely | |||||
2010-11-05 | Review comments for namingContexts patches | Sumit Bose | 1 | -9/+3 | |
2010-11-04 | Make ldap_search_base a non-mandatory option | Sumit Bose | 1 | -3/+20 | |
2010-10-22 | Add ldap_deref option | Sumit Bose | 1 | -0/+35 | |
2010-10-18 | Move all references to ldap_<entity>_search_base to "advanced" section | Jan Zeleny | 1 | -42/+52 | |
The <entity> can be one of user, group or netgroup. The references were removed from example configuration and they were moved from section Configuration options to section Advanced options. Ticket: #607 | |||||
2010-10-18 | Add option to limit nested groups | Simo Sorce | 1 | -0/+16 | |
2010-10-13 | Add infrastructure to LDAP provider for netgroup support | Sumit Bose | 1 | -0/+91 | |
2010-10-13 | Add KDC to the list of LDAP options | Jakub Hrozek | 1 | -0/+18 | |
2010-10-13 | Man pages should mention supported providers | Jan Zeleny | 1 | -5/+7 | |
Each back end can support id, auth or access provider, but each back end supports different subset of these. Man pages should describe which providers are supported by each back end. Ticket: #615 | |||||
2010-09-08 | Deobfuscate password in back ends | Jakub Hrozek | 1 | -1/+10 | |
When obfuscated password is used in config file, the LDAP backend converts it back to clear text and uses it to authenticate to the server. | |||||
2010-09-07 | Reviewed sssd-ldap man page | Jan Zeleny | 1 | -7/+207 | |
Some config options updated, newly documented 12 new options. | |||||
2010-06-16 | Standardize on correct spelling of "principal" for krb5 | Stephen Gallagher | 1 | -1/+1 | |
https://fedorahosted.org/sssd/ticket/542 | |||||
2010-05-27 | Add ldap_access_filter option | Stephen Gallagher | 1 | -0/+39 | |
This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com | |||||
2010-05-16 | Add ldap_krb5_ticket_lifetime option | Sumit Bose | 1 | -0/+13 | |
2010-05-07 | Use service discovery in backends | Jakub Hrozek | 1 | -3/+17 | |
Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set. | |||||
2010-02-18 | Rename server/ directory to src/ | Stephen Gallagher | 1 | -0/+688 | |
Also update BUILD.txt |