Age | Commit message (Collapse) | Author | Files | Lines |
|
Previously an sdap_id_ctx was always tied to one domain with a single
set of search bases. But with the introduction of Global Catalog
lookups, primary domain and subdomains might have different search
bases.
This patch introduces a new structure sdap_domain that contains an sssd
domain or subdomain and a set of search bases. With this patch, there is
only one sdap_domain that describes the primary domain.
|
|
Instead of using boolean variables to denote whether the call is adding
a primary or a secondary server, use a function wrapper that tells what
it's doing by its name.
|
|
The dyndns init function was starting the timer even if the updates were
set to False. This patch splits the init of dynamic updates and the
timer into two functions so that the back end can start the updates
separately from reading the options.
|
|
This new options adds the possibility of updating the DNS entries
periodically regardless if they have changed or not. This feature
will be useful mainly in AD environments where the Windows clients
periodically update their DNS records.
|
|
This patch introduces new options for dynamic DNS updates that are not
specific to any back end. The current ipa dyndns options are still
usable, just with a deprecation warning.
|
|
Added new parameter to split_on_separator that allows to skip
empty values.
The whole function was rewritten. Unit test case was added to
check the new implementation.
https://fedorahosted.org/sssd/ticket/1484
|
|
https://fedorahosted.org/sssd/ticket/1657
IPA_HOSTNAME is not stored in ipa_opts->id options so it the option
was always NULL here. This caused SIGSEGV when accessed by strchr()
in subsequent function.
|
|
The AD and IPA initialization functions shared the same code. This patch
moves the code into a common initialization function.
|
|
https://fedorahosted.org/sssd/ticket/1521
|
|
https://fedorahosted.org/sssd/ticket/1365
|
|
|
|
https://fedorahosted.org/sssd/ticket/1472
|
|
https://fedorahosted.org/sssd/ticket/1463
|
|
This patch adds support for the primary server functionality into IPA
provider. No backup servers are added at the moment, just the basic
support is in place.
|
|
Now there are two list of servers for each service. If currently
selected server is only backup, then an event will be scheduled which
tries to get connection to one of primary servers and if it succeeds,
it starts using this server instead of the one which is currently
connected to.
|
|
This function is not supposed to return any newly-allocated memory
directly. It was actually leaking the memory for krb5_servers if
krb5_kdcip was being used, though it was undetectable because it
was allocated on the provided memctx.
This patch removes the memctx parameter and allocates krb5_servers
temporarily on NULL and ensures that it is freed on all exit
conditions. It is not necessary to retain this memory, as
dp_opt_set_string() performs a talloc_strdup onto the appropriate
context internally.
It also updates the DEBUG messages for this function to the
appropriate new macro levels.
|
|
|
|
The query is performed only if there is missing information in the
cache. That means this should be done only once after restart when cache
doesn't exist. All subsequent requests for subdomains won't include the
request for master domain.
|
|
|
|
|
|
These are now replaced by the more accurate tests.
This patch also drops the runtime option-count check, since we are
always performing the more complete check at build-time.
|
|
There is no functional change due to this patch.
|
|
https://fedorahosted.org/sssd/ticket/1227
|
|
https://fedorahosted.org/sssd/ticket/1217
|
|
|
|
Previously, we were using sdap_parse_search_base() for setting up
the search_base objects for use in IPA. However, this was
generating unfriendly log messages about unknown search base
types. This patch creates a new common_parse_search_base() routine
that can be used with either LDAP or IPA providers.
https://fedorahosted.org/sssd/ticket/1151
|
|
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1019
|
|
|
|
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1016
|
|
The wrong position in configuration directive array caused problems in
IPA provider, which tried to fetch another value instead of the services
lookup base.
|
|
|
|
Fixes https://fedorahosted.org/sssd/ticket/967
|
|
https://fedorahosted.org/sssd/ticket/1110
Adds new configuration options:
- ldap_sudo_refresh_enabled - enable/disable periodical updates
- ldap_sudo_refresh_timeout - rules timeout (refresh period)
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/1036
|
|
In case IPA netgroup had indirect member hosts, they wouldn't be
detected.
This patch also modifies debug messages for easier debugging in the
future.
|
|
https://fedorahosted.org/sssd/ticket/1075
|
|
don't fetch all host groups if this option is false
https://fedorahosted.org/sssd/ticket/1078
|
|
|
|
|
|
https://fedorahosted.org/sssd/ticket/957
|
|
https://fedorahosted.org/sssd/ticket/957
|
|
|