summaryrefslogtreecommitdiff
path: root/src/providers/ldap/ldap_common.h
AgeCommit message (Collapse)AuthorFilesLines
2012-08-23Clean up cache on server reinitializationPavel Březina1-0/+9
https://fedorahosted.org/sssd/ticket/734 We successfully detect when the server is reinitialized by testing the new lastUSN value. The maximum USN values are set to zero, but the current cache content remains. This patch removes records that were deleted from the server. It uses the following approach: 1. remove entryUSN attribute from all entries 2. run enumeration 3. remove records that doesn't have entryUSN attribute updated We don't need to do this for sudo rules, they will be refreshed automatically during next smart/full refresh, or when an expired rule is deleted.
2012-08-01Primary server support: LDAP adaptationJan Zeleny1-1/+2
This patch adds support for the primary server functionality into LDAP provider. No backup servers are added at the moment, just the basic support is in place.
2012-06-29sudo ldap provider: load host filter configuration on initPavel Březina1-1/+4
We need to load host information during provider initialization. Currently it loads only values from configuration files, but it is implemented as an asynchrounous request as it will later try to autodetect these settings (which will need to contact DNS).
2012-05-03LDAP: Add helper routine to convert LDAP blob to SID stringStephen Gallagher1-0/+6
2012-05-03LDAP: Enable looking up ID-mapped users by nameStephen Gallagher1-0/+1
2012-02-24Modifications to simplify list_missing_attrsJan Zeleny1-1/+0
2012-02-23IPA: Add ipa_parse_search_base()Stephen Gallagher1-0/+5
Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151
2012-02-07AUTOFS: IPA providerJakub Hrozek1-0/+3
2012-02-05AUTOFS: LDAP providerJakub Hrozek1-0/+5
2012-02-04Move BUILD_SUDO outside the generic LDAP source filesJakub Hrozek1-8/+4
Avoid #ifdefs in the general part of the code
2012-01-31LDAP: Add support for service lookups (non-enum)Stephen Gallagher1-0/+12
2012-01-17SUDO Integration - periodical update of rules in data providerPavel Březina1-0/+1
https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period)
2011-12-19Pass sdap_id_ctx to online check from IPA providerJakub Hrozek1-0/+2
2011-12-16SUDO integration - LDAP providerPavel Březina1-0/+5
2011-12-16SUDO Integration - LDAP configuration optionsPavel Březina1-0/+5
2011-11-25Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA providerJakub Hrozek1-0/+1
This was causing a segfault during HBAC processing and any ID lookups except for netgroups
2011-11-23Modified sdap_parse_search_base()Jan Zeleny1-2/+1
2011-11-23Renamed some LDAP routinesJan Zeleny1-5/+5
These were renamed just ot make sure they are not mistook for IPA netgroup functions.
2011-11-02LDAP: Add parser for multiple search basesStephen Gallagher1-0/+5
2011-11-02Make sdap_get_id_specific_filter() more strictStephen Gallagher1-2/+2
2011-07-08Add helper function msgs2attrs_arrayStephen Gallagher1-0/+4
This function converts a list of ldb_messages into a list of sysdb_attrs.
2011-04-19Add user and group search LDAP filter optionsJakub Hrozek1-0/+4
https://fedorahosted.org/sssd/ticket/647
2011-02-16Do not attempt to use START_TLS on SSL connectionsStephen Gallagher1-0/+7
Not all LDAP servers are capable of handling dual-encryption with both TLS and SSL. https://fedorahosted.org/sssd/ticket/795
2011-01-21Delete attributes that are removed from LDAPStephen Gallagher1-0/+13
Sometimes, a value in LDAP will cease to exist (the classic example being shadowExpire). We need to make sure we purge that value from SSSD's sysdb as well. https://fedorahosted.org/sssd/ticket/750
2010-12-21Remove unused member of a structSumit Bose1-1/+0
2010-12-07ldap: Use USN entries if available.Simo Sorce1-2/+1
Otherwise fallback to the default modifyTimestamp indicator
2010-12-07ldap: remove variable that was never assigned nor usedSimo Sorce1-2/+0
2010-12-06Add ldap_chpass_uri config optionSumit Bose1-0/+1
2010-12-06Make string_to_shadowpw_days() publicSumit Bose1-0/+2
2010-12-01Add check_online method to LDAP ID providerSumit Bose1-0/+1
2010-10-13Implement netgroup support for LDAP providerSumit Bose1-0/+6
2010-10-13Initialize kerberos service for GSSAPIJakub Hrozek1-0/+20
2010-09-15Store rootdse supported features in sdap_handlerSumit Bose1-0/+3
2010-07-09Remove remainder of now unused global LDAP connection handle.eindenbom1-9/+0
2010-07-09Use new LDAP connection framework to get group account info from LDAP.eindenbom1-1/+1
2010-07-09Use new LDAP connection framework to get user account info from LDAP.eindenbom1-1/+1
2010-07-09LDAP connection usage tracking, sharing and failover retry framework.eindenbom1-0/+4
2010-05-27Add ldap_access_filter optionStephen Gallagher1-0/+3
This option (applicable to access_provider=ldap) allows the admin to set an additional LDAP search filter that must match in order for a user to be granted access to the system. Common examples for this would be limiting access to users by in a particular group, for example: ldap_access_filter = memberOf=cn=access_group,ou=Groups,dc=example,dc=com
2010-05-27Add offline callback to disconnect global SDAP handleSumit Bose1-0/+1
2010-05-07Use service discovery in backendsJakub Hrozek1-3/+5
Integrate the failover improvements with our back ends. The DNS domain used in the SRV query is always the SSSD domain name. Please note that this patch changes the default value of ldap_uri from "ldap://localhost" to "NULL" in order to use service discovery with no server set.
2010-02-18Rename server/ directory to src/Stephen Gallagher1-0/+115
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-07-07 19:50:45 +0000