| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2012-02-21 | Don't give memory context in confdb where not needed | Jan Zeleny | 1 | -1/+1 | |
| 2012-02-13 | Add missing breaks to switch statements | Stephen Gallagher | 1 | -0/+1 | |
| Coverity #12525 and #12524 | |||||
| 2012-02-07 | LDAP: Add support for SSH user public keys | Jan Cholasta | 1 | -2/+4 | |
| 2012-02-06 | Update shadowLastChanged attribute during LDAP password change | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1019 | |||||
| 2012-02-05 | AUTOFS: LDAP provider | Jakub Hrozek | 1 | -0/+106 | |
| 2012-02-04 | Move BUILD_SUDO outside the generic LDAP source files | Jakub Hrozek | 1 | -60/+0 | |
| Avoid #ifdefs in the general part of the code | |||||
| 2012-02-04 | NSS: Add individual timeouts for entry types | Stephen Gallagher | 1 | -1/+0 | |
| https://fedorahosted.org/sssd/ticket/1016 | |||||
| 2012-02-04 | LDAP: Do not fail if RootDSE check cannot determine search bases | Stephen Gallagher | 1 | -3/+2 | |
| https://fedorahosted.org/sssd/ticket/1152 | |||||
| 2012-01-31 | LDAP: Add support for service lookups (non-enum) | Stephen Gallagher | 1 | -0/+33 | |
| 2012-01-18 | LDAP: Add option to disable paging control | Stephen Gallagher | 1 | -1/+2 | |
| Fixes https://fedorahosted.org/sssd/ticket/967 | |||||
| 2012-01-18 | Do not use sudo symbols in LDAP provider unconditionally | Jakub Hrozek | 1 | -0/+2 | |
| 2012-01-17 | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 1 | -0/+60 | |
| https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | |||||
| 2012-01-17 | SUDO Integration review issues | Pavel Březina | 1 | -1/+1 | |
| 2011-12-16 | SUDO Integration - LDAP configuration options | Pavel Březina | 1 | -1/+72 | |
| 2011-12-16 | Export the function to convert ldb_result to sysdb_attrs | Jakub Hrozek | 1 | -29/+0 | |
| It will be reused later in the sudo responder | |||||
| 2011-12-12 | Add sdap_connection_expire_timeout option | Stephen Gallagher | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/1036 | |||||
| 2011-12-08 | Add ldap_sasl_minssf option | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1075 | |||||
| 2011-11-23 | Modified sdap_parse_search_base() | Jan Zeleny | 1 | -9/+8 | |
| 2011-11-02 | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/957 | |||||
| 2011-11-02 | LDAP: Convert ldap_*_search_filter | Stephen Gallagher | 1 | -1/+5 | |
| Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter. | |||||
| 2011-11-02 | LDAP: Add parser for multiple search bases | Stephen Gallagher | 1 | -0/+261 | |
| 2011-11-02 | Make sdap_get_id_specific_filter() more strict | Stephen Gallagher | 1 | -2/+2 | |
| 2011-09-20 | Fix uninitialized pointer read in sdap_gssapi_get_default_realm() | Jakub Hrozek | 1 | -1/+1 | |
| https://fedorahosted.org/sssd/ticket/1003 | |||||
| 2011-08-26 | Use the default Kerberos realm for LDAP with GSSAPI auth | Jakub Hrozek | 1 | -3/+55 | |
| https://fedorahosted.org/sssd/ticket/970 | |||||
| 2011-08-26 | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 1 | -1/+2 | |
| https://fedorahosted.org/sssd/ticket/978 | |||||
| 2011-08-15 | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 1 | -3/+1 | |
| The patch also updates code using modified functions. Tests have also been adjusted. | |||||
| 2011-07-21 | fo_get_server_name() getter for a server name | Jakub Hrozek | 1 | -1/+10 | |
| Allows to be more concise in tests and more defensive in resolve callbacks | |||||
| 2011-07-21 | Rename fo_get_server_name to fo_get_server_str_name | Jakub Hrozek | 1 | -2/+2 | |
| 2011-07-21 | Do not add a NULL host parsed from LDAP URI | Jakub Hrozek | 1 | -1/+8 | |
| https://fedorahosted.org/sssd/ticket/911 | |||||
| 2011-07-08 | Add LDAP access control based on NDS attributes | Sumit Bose | 1 | -2/+8 | |
| 2011-07-08 | Add helper function msgs2attrs_array | Stephen Gallagher | 1 | -0/+29 | |
| This function converts a list of ldb_messages into a list of sysdb_attrs. | |||||
| 2011-06-30 | Use name based URI instead of IP address based URIs | Sumit Bose | 1 | -37/+2 | |
| 2011-06-30 | Add sockaddr_storage to sdap_service | Sumit Bose | 1 | -0/+11 | |
| 2011-06-15 | Switch resolver to using resolv_hostent and honor TTL | Jakub Hrozek | 1 | -2/+2 | |
| 2011-06-02 | Use escaped IP addresses in LDAP provider | Jakub Hrozek | 1 | -6/+56 | |
| 2011-05-24 | Make "password" the default for ldap_default_authtok_type | Stephen Gallagher | 1 | -1/+1 | |
| 2011-05-20 | Use dereference when processing RFC2307bis nested groups | Jakub Hrozek | 1 | -1/+2 | |
| Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799 | |||||
| 2011-04-27 | Add ldap_page_size configuration option | Stephen Gallagher | 1 | -1/+2 | |
| 2011-04-25 | Modify principal selection for keytab authentication | Jan Zeleny | 1 | -0/+1 | |
| Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781 | |||||
| 2011-04-19 | Add user and group search LDAP filter options | Jakub Hrozek | 1 | -0/+20 | |
| https://fedorahosted.org/sssd/ticket/647 | |||||
| 2011-04-12 | Never remove gecos from the sysdb cache | Stephen Gallagher | 1 | -0/+9 | |
| Now that gecos can come from either the 'gecos' or 'cn' attributes, we need to ensure that we never remove it from the cache. | |||||
| 2011-03-24 | Add host access control support | Pierre Ossman | 1 | -2/+4 | |
| https://fedorahosted.org/sssd/ticket/746 | |||||
| 2011-02-16 | Do not attempt to use START_TLS on SSL connections | Stephen Gallagher | 1 | -0/+9 | |
| Not all LDAP servers are capable of handling dual-encryption with both TLS and SSL. https://fedorahosted.org/sssd/ticket/795 | |||||
| 2011-01-27 | Add option to disable TLS for LDAP auth | Stephen Gallagher | 1 | -1/+5 | |
| Option is named to discourage use in production environments and is intentionally not listed in the SSSDConfig API. | |||||
| 2011-01-21 | Delete attributes that are removed from LDAP | Stephen Gallagher | 1 | -0/+117 | |
| Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750 | |||||
| 2011-01-20 | Add ldap_tls_{cert,key,cipher_suite} config options | Tyson Whitehead | 1 | -0/+3 | |
| Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | |||||
| 2011-01-19 | Add LDAP expire policy base RHDS/IPA attribute | Sumit Bose | 1 | -2/+4 | |
| The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked. | |||||
| 2011-01-19 | Add LDAP expire policy based on AD attributes | Sumit Bose | 1 | -2/+6 | |
| The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired. | |||||
| 2011-01-17 | Add ldap_search_enumeration_timeout config option | Sumit Bose | 1 | -2/+3 | |
| 2011-01-06 | Convert obfuscated password once at startup | Sumit Bose | 1 | -0/+41 | |
 |
index : sssd | |
| System Security Services Daemon | ben |
| summaryrefslogtreecommitdiff |