sssd - System Security Services Daemon

Age	Commit message (Collapse)	Author	Files	Lines
2011-11-23	Added and modified options for IPA netgroups	Jan Zeleny	1	-0/+22

2011-11-10	Fix typos in manual pages	Yuri Chornoivan	1	-1/+1

2011-11-02	Support to request canonicalization in LDAP/IPA provider	Jan Zeleny	1	-0/+15
	https://fedorahosted.org/sssd/ticket/957
2011-11-02	LDAP: Update manpages with multiple search base information	Stephen Gallagher	1	-1/+56

2011-10-13	man page fix (lists are comma-separated)	Jan Zeleny	1	-2/+2
	https://fedorahosted.org/sssd/ticket/1024
2011-09-06	Allow turning dereference off by setting the threshold to 0	Jakub Hrozek	1	-0/+4

2011-08-26	Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON	Jakub Hrozek	1	-0/+14
	https://fedorahosted.org/sssd/ticket/978
2011-07-08	Add LDAP access control based on NDS attributes	Sumit Bose	1	-0/+50

2011-05-31	Changing default to Default for consistency	Kaushik Banerjee	1	-1/+1

2011-05-27	Add more detail to ldap_uri manpage entry	Stephen Gallagher	1	-1/+13

2011-05-24	Make "password" the default for ldap_default_authtok_type	Stephen Gallagher	1	-0/+3

2011-05-20	Use dereference when processing RFC2307bis nested groups	Jakub Hrozek	1	-0/+23
	Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
2011-04-27	Add ldap_page_size configuration option	Stephen Gallagher	1	-0/+14

2011-04-19	Add user and group search LDAP filter options	Jakub Hrozek	1	-0/+37
	https://fedorahosted.org/sssd/ticket/647
2011-03-24	Add host access control support	Pierre Ossman	1	-0/+24
	https://fedorahosted.org/sssd/ticket/746
2011-01-20	Add ldap_tls_{cert,key,cipher_suite} config options	Tyson Whitehead	1	-0/+41
	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-01-19	Add LDAP expire policy base RHDS/IPA attribute	Sumit Bose	1	-0/+20
	The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked.
2011-01-19	Add LDAP expire policy based on AD attributes	Sumit Bose	1	-0/+35
	The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired.
2011-01-17	Add ldap_search_enumeration_timeout config option	Sumit Bose	1	-5/+23

2010-12-21	Add authorizedService support	Stephen Gallagher	1	-0/+26
	https://fedorahosted.org/sssd/ticket/670
2010-12-07	Replace krb5_kdcip by krb5_server in LDAP provider	Sumit Bose	1	-1/+7

2010-12-06	Add ldap_chpass_uri config option	Sumit Bose	1	-0/+34

2010-12-06	Add new account expired rule to LDAP access provider	Sumit Bose	1	-1/+54
	Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute.
2010-12-01	Allow protocol fallback for SRV queries	Jakub Hrozek	1	-0/+5
	https://fedorahosted.org/sssd/ticket/691
2010-11-19	Fix man page	Sumit Bose	1	-2/+2
	Currently sssd does not support authentication via GSSAPI. I think it is not necessary to support it, because if GSSAPI is possible Kerberos should be use for authentication.
2010-11-15	Properly document ldap_purge_cache_timeout	Stephen Gallagher	1	-0/+19
	Also allow it to be disabled entirely
2010-11-05	Review comments for namingContexts patches	Sumit Bose	1	-9/+3

2010-11-04	Make ldap_search_base a non-mandatory option	Sumit Bose	1	-3/+20

2010-10-22	Add ldap_deref option	Sumit Bose	1	-0/+35

2010-10-18	Move all references to ldap_<entity>_search_base to "advanced" section	Jan Zeleny	1	-42/+52
	The <entity> can be one of user, group or netgroup. The references were removed from example configuration and they were moved from section Configuration options to section Advanced options. Ticket: #607
2010-10-18	Add option to limit nested groups	Simo Sorce	1	-0/+16

2010-10-13	Add infrastructure to LDAP provider for netgroup support	Sumit Bose	1	-0/+91

2010-10-13	Add KDC to the list of LDAP options	Jakub Hrozek	1	-0/+18

2010-10-13	Man pages should mention supported providers	Jan Zeleny	1	-5/+7
	Each back end can support id, auth or access provider, but each back end supports different subset of these. Man pages should describe which providers are supported by each back end. Ticket: #615
2010-09-08	Deobfuscate password in back ends	Jakub Hrozek	1	-1/+10
	When obfuscated password is used in config file, the LDAP backend converts it back to clear text and uses it to authenticate to the server.
2010-09-07	Reviewed sssd-ldap man page	Jan Zeleny	1	-7/+207
	Some config options updated, newly documented 12 new options.
2010-06-16	Standardize on correct spelling of "principal" for krb5	Stephen Gallagher	1	-1/+1
	https://fedorahosted.org/sssd/ticket/542
2010-05-27	Add ldap_access_filter option	Stephen Gallagher	1	-0/+39
	This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
2010-05-16	Add ldap_krb5_ticket_lifetime option	Sumit Bose	1	-0/+13

2010-05-07	Use service discovery in backends	Jakub Hrozek	1	-3/+17
	Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set.
2010-02-18	Rename server/ directory to src/	Stephen Gallagher	1	-0/+688
	Also update BUILD.txt