summaryrefslogtreecommitdiff
path: root/src/providers/ad/ad_common.h
AgeCommit message (Collapse)AuthorFilesLines
2013-06-28AD: initialize failover with custom realm, domain and failover serviceJakub Hrozek1-1/+4
This is needed so we can initialize failover using IPA realm and on-the-fly discovered DNS domain. The subdomains discovered on-thefly will use the subdomain name for realm, domain and failover service to avoid conflicts. Subtaks of: https://fedorahosted.org/sssd/ticket/1962
2013-06-28AD: decouple ad_id_ctx initializationJakub Hrozek1-0/+7
The IPA subdomain code will perform lookups on its own in the server mode. For this, the AD provider must offer a way to initialize the ad_id_ctx for external consumers. Subtask of: https://fedorahosted.org/sssd/ticket/1962
2013-06-26AD: kinit with the local DC even when talking to a GCJakub Hrozek1-1/+2
We tried to use the GC address even for kinit which gave us errors like: "Realm not local to KDC while getting initial credentials". This patch adds a new AD_GC service that is only used for ID lookups, any sort of Kerberos operations are done against the local servers.
2013-06-14AD: Remove ad_options->auth options referenceJakub Hrozek1-1/+0
The options are stored in ad_options->auth_ctx->opts, this member was completely unused and confusing.
2013-06-07AD: Add additional service to support Global Catalog lookupsJakub Hrozek1-0/+5
When fixed host names of AD servers are configured in the config file, we can't know (unlike when service discovery is at play) if the servers are Global Catalogs or not. This patch adds a private data to servers read from the config file that denote whether the server can be tried for contacting the Global Catalog port or just LDAP. The GC or LDAP URIs are generated based on contents of this private data structure. Because SSSD sticks to a working server, we don't have to disable or remove the faulty GC servers from the list.
2013-05-03Active Directory dynamic DNS updatesJakub Hrozek1-0/+13
https://fedorahosted.org/sssd/ticket/1504 Implements dynamic DNS updates for the AD provider. By default, the updates also update the reverse zone and run periodically every 24 hours.
2013-05-02DNS sites support - add AD SRV pluginPavel Březina1-0/+1
https://fedorahosted.org/sssd/ticket/1032
2012-08-01Primary server support: new option in AD providerJan Zeleny1-0/+1
This patch adds support for new config option ad_backup_server. The description of this option's functionality is included in man page in one of previous patches.
2012-08-01Primary server support: AD adaptationJan Zeleny1-1/+2
This patch adds support for the primary server functionality into AD provider. No backup servers are added at the moment, just the basic support is in place.
2012-07-06AD: use krb5_keytab for validation and GSSAPIStephen Gallagher1-0/+1
This simplifies configuration by eliminating the need to specifiy both krb5_keytab and ldap_krb5_keytab if the keytab is not located at /etc/krb5.keytab
2012-07-06AD: Add AD auth and chpass providersStephen Gallagher1-1/+6
These new providers take advantage of existing code for the KRB5 provider, providing sensible defaults for operating against an Active Directory 2008 R2 or later server.
2012-07-06AD: Add AD identity providerStephen Gallagher1-0/+85
This new identity provider takes advantage of existing code for the LDAP provider, but provides sensible defaults for operating against an Active Directory 2008 R2 or later server.
generated by cgit (git 2.34.1) at 2024-11-17 03:31:53 +0000