| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2012-02-24 | IPA hosts refactoring | Jan Zeleny | 1 | -16/+36 | |
| 2012-02-23 | IPA: Add ipa_parse_search_base() | Stephen Gallagher | 1 | -9/+44 | |
| Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151 | |||||
| 2012-02-07 | AUTOFS: IPA provider | Jakub Hrozek | 1 | -25/+91 | |
| 2012-02-07 | IPA: Add host info handler | Jan Cholasta | 1 | -0/+1 | |
| 2012-02-07 | LDAP: Add support for SSH user public keys | Jan Cholasta | 1 | -1/+2 | |
| 2012-02-06 | Update shadowLastChanged attribute during LDAP password change | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1019 | |||||
| 2012-02-06 | Session target in IPA provider | Jan Zeleny | 1 | -0/+47 | |
| 2012-02-06 | Renamed some sysdb constants for their wider usage | Jan Zeleny | 1 | -2/+2 | |
| 2012-02-06 | Implemented support for multiple search bases in HBAC rules and services | Jan Zeleny | 1 | -1/+24 | |
| 2012-02-05 | AUTOFS: LDAP provider | Jakub Hrozek | 1 | -0/+25 | |
| 2012-02-04 | NSS: Add individual timeouts for entry types | Stephen Gallagher | 1 | -1/+0 | |
| https://fedorahosted.org/sssd/ticket/1016 | |||||
| 2012-02-01 | Fixed wrong position of ldap_service_search_base | Jan Zeleny | 1 | -1/+1 | |
| The wrong position in configuration directive array caused problems in IPA provider, which tried to fetch another value instead of the services lookup base. | |||||
| 2012-01-31 | IPA: Add support for services lookups (non-enum) | Stephen Gallagher | 1 | -0/+38 | |
| 2012-01-18 | LDAP: Add option to disable paging control | Stephen Gallagher | 1 | -1/+2 | |
| Fixes https://fedorahosted.org/sssd/ticket/967 | |||||
| 2012-01-17 | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 1 | -0/+2 | |
| https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | |||||
| 2012-01-17 | SUDO Integration review issues | Pavel Březina | 1 | -2/+2 | |
| 2011-12-16 | SUDO Integration - LDAP configuration options | Pavel Březina | 1 | -0/+39 | |
| 2011-12-12 | Add sdap_connection_expire_timeout option | Stephen Gallagher | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/1036 | |||||
| 2011-12-09 | Fixed IPA netgroup processing | Jan Zeleny | 1 | -0/+1 | |
| In case IPA netgroup had indirect member hosts, they wouldn't be detected. This patch also modifies debug messages for easier debugging in the future. | |||||
| 2011-12-08 | Add ldap_sasl_minssf option | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1075 | |||||
| 2011-11-29 | Add ipa_hbac_support_srchost option to IPA provider | Jan Zeleny | 1 | -1/+2 | |
| don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078 | |||||
| 2011-11-23 | Added and modified options for IPA netgroups | Jan Zeleny | 1 | -24/+46 | |
| 2011-11-23 | Modified sdap_parse_search_base() | Jan Zeleny | 1 | -4/+4 | |
| 2011-11-02 | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/957 | |||||
| 2011-11-02 | Add support to request canonicalization on krb AS requests | Jan Zeleny | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/957 | |||||
| 2011-11-02 | LDAP: Add parser for multiple search bases | Stephen Gallagher | 1 | -0/+20 | |
| 2011-08-26 | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/978 | |||||
| 2011-08-01 | Change the default value of ldap_tls_cacert in IPA provider | Jakub Hrozek | 1 | -1/+1 | |
| https://fedorahosted.org/sssd/ticket/944 | |||||
| 2011-07-21 | fo_get_server_name() getter for a server name | Jakub Hrozek | 1 | -1/+9 | |
| Allows to be more concise in tests and more defensive in resolve callbacks | |||||
| 2011-07-21 | Rename fo_get_server_name to fo_get_server_str_name | Jakub Hrozek | 1 | -2/+2 | |
| 2011-07-13 | Remove unused krb5_service structure member | Jakub Hrozek | 1 | -2/+0 | |
| 2011-07-11 | Escape IP address in kdcinfo | Jakub Hrozek | 1 | -10/+10 | |
| https://fedorahosted.org/sssd/ticket/909 | |||||
| 2011-07-11 | Move IP adress escaping from the LDAP namespace | Jakub Hrozek | 1 | -3/+3 | |
| 2011-07-08 | Add LDAP access control based on NDS attributes | Sumit Bose | 1 | -1/+4 | |
| 2011-07-08 | Add ipa_hbac_treat_deny_as option | Stephen Gallagher | 1 | -1/+2 | |
| By default, we will treat the presence of any DENY rule as denying all users. This option will allow the admin to explicitly ignore DENY rules during a transitional period. | |||||
| 2011-07-08 | Add ipa_hbac_refresh option | Stephen Gallagher | 1 | -1/+2 | |
| This option describes the time between refreshes of the HBAC rules on the IPA server. | |||||
| 2011-06-30 | Use name based URI instead of IP address based URIs | Sumit Bose | 1 | -1/+1 | |
| 2011-06-30 | Add sockaddr_storage to sdap_service | Sumit Bose | 1 | -0/+10 | |
| 2011-06-15 | Switch resolver to using resolv_hostent and honor TTL | Jakub Hrozek | 1 | -2/+2 | |
| 2011-06-02 | Escape IPv6 IP addresses in the IPA provider | Jakub Hrozek | 1 | -4/+26 | |
| https://fedorahosted.org/sssd/ticket/880 | |||||
| 2011-06-02 | Add utility function to return IP address as string | Jakub Hrozek | 1 | -8/+2 | |
| 2011-05-20 | Use dereference when processing RFC2307bis nested groups | Jakub Hrozek | 1 | -1/+2 | |
| Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799 | |||||
| 2011-04-29 | Fix order of arguments in select_principal_from_keytab() call | Jakub Hrozek | 1 | -1/+1 | |
| 2011-04-29 | Fix segfault in IPA provider | Stephen Gallagher | 1 | -2/+2 | |
| We were trying to request the krb5 keytab from the auth provider configuration, but it hasn't yet been set up. Much better to use the value in the ID provider. | |||||
| 2011-04-28 | Fix IPA config bug with SDAP_KRB5_REALM | Stephen Gallagher | 1 | -1/+1 | |
| 2011-04-27 | Add ldap_page_size configuration option | Stephen Gallagher | 1 | -1/+2 | |
| 2011-04-25 | Modify principal selection for keytab authentication | Jan Zeleny | 1 | -21/+53 | |
| Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781 | |||||
| 2011-04-25 | Allow new option to specify principal for FAST | Jan Zeleny | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/700 | |||||
| 2011-03-24 | Add host access control support | Pierre Ossman | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/746 | |||||
| 2011-02-28 | Use realm for basedn instead of IPA domain | Jakub Hrozek | 1 | -41/+37 | |
| https://fedorahosted.org/sssd/ticket/807 | |||||
 |
index : sssd | |
| System Security Services Daemon | ben |
| summaryrefslogtreecommitdiff |