| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2012-03-28 | Add terminator for sdap_attr_map | Stephen Gallagher | 1 | -0/+1 | |
| 2012-02-24 | IPA hosts refactoring | Jan Zeleny | 1 | -2/+0 | |
| 2012-02-07 | LDAP: Add support for SSH user public keys | Jan Cholasta | 1 | -0/+1 | |
| 2012-02-06 | Update shadowLastChanged attribute during LDAP password change | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1019 | |||||
| 2012-02-06 | Session target in IPA provider | Jan Zeleny | 1 | -0/+1 | |
| 2012-02-05 | AUTOFS: LDAP provider | Jakub Hrozek | 1 | -0/+19 | |
| 2012-02-04 | NSS: Add individual timeouts for entry types | Stephen Gallagher | 1 | -1/+0 | |
| https://fedorahosted.org/sssd/ticket/1016 | |||||
| 2012-01-31 | LDAP: Add enumeration support for services | Stephen Gallagher | 1 | -0/+1 | |
| 2012-01-31 | LDAP: Add support for service lookups (non-enum) | Stephen Gallagher | 1 | -0/+13 | |
| 2012-01-18 | LDAP: Add option to disable paging control | Stephen Gallagher | 1 | -0/+1 | |
| Fixes https://fedorahosted.org/sssd/ticket/967 | |||||
| 2012-01-17 | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 1 | -0/+2 | |
| https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | |||||
| 2011-12-16 | SUDO Integration - LDAP configuration options | Pavel Březina | 1 | -0/+20 | |
| 2011-12-12 | Add sdap_connection_expire_timeout option | Stephen Gallagher | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1036 | |||||
| 2011-12-08 | Add ldap_sasl_minssf option | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/1075 | |||||
| 2011-11-23 | Renamed some LDAP routines | Jan Zeleny | 1 | -0/+1 | |
| These were renamed just ot make sure they are not mistook for IPA netgroup functions. | |||||
| 2011-11-22 | Cleanup: Remove unused parameters | Jakub Hrozek | 1 | -2/+0 | |
| 2011-11-02 | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/957 | |||||
| 2011-11-02 | LDAP: Add parser for multiple search bases | Stephen Gallagher | 1 | -0/+11 | |
| 2011-11-02 | Remove unused sdap_options attributes | Stephen Gallagher | 1 | -3/+0 | |
| These DNs were never assigned or referenced anywhere. | |||||
| 2011-09-06 | Improve error message for LDAP password constraint violation | Jakub Hrozek | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/985 | |||||
| 2011-08-26 | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/978 | |||||
| 2011-07-08 | Add LDAP access control based on NDS attributes | Sumit Bose | 1 | -0/+6 | |
| 2011-06-30 | Add sockaddr_storage to sdap_service | Sumit Bose | 1 | -0/+1 | |
| 2011-05-20 | Use dereference when processing RFC2307bis nested groups | Jakub Hrozek | 1 | -0/+1 | |
| Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799 | |||||
| 2011-05-20 | OpenLDAP dereference searches | Jakub Hrozek | 1 | -0/+7 | |
| This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00 | |||||
| 2011-05-20 | Generic dereference data structures and utilities | Jakub Hrozek | 1 | -0/+10 | |
| These will be shared by both dereference methods in a later patch. | |||||
| 2011-05-20 | Remove append_attrs_to_array | Jakub Hrozek | 1 | -1/+0 | |
| This function was not used anywhere | |||||
| 2011-04-27 | Add ldap_page_size configuration option | Stephen Gallagher | 1 | -0/+2 | |
| 2011-04-25 | Modify principal selection for keytab authentication | Jan Zeleny | 1 | -0/+1 | |
| Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781 | |||||
| 2011-04-19 | Add value of the last USN to server configuration | Stephen Gallagher | 1 | -0/+1 | |
| Related: https://fedorahosted.org/sssd/ticket/734 | |||||
| 2011-04-08 | Don't pass NULL to printf for TLS errors | Jakub Hrozek | 1 | -10/+0 | |
| https://fedorahosted.org/sssd/ticket/643 | |||||
| 2011-03-24 | Add host access control support | Pierre Ossman | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/746 | |||||
| 2011-01-27 | Add option to disable TLS for LDAP auth | Stephen Gallagher | 1 | -0/+1 | |
| Option is named to discourage use in production environments and is intentionally not listed in the SSSDConfig API. | |||||
| 2011-01-20 | Add ldap_tls_{cert,key,cipher_suite} config options | Tyson Whitehead | 1 | -0/+3 | |
| Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | |||||
| 2011-01-19 | Add LDAP expire policy base RHDS/IPA attribute | Sumit Bose | 1 | -0/+3 | |
| The attribute nsAccountLock is used by RHDS, IPA and other directory servers to indicate that the account is locked. | |||||
| 2011-01-19 | Add LDAP expire policy based on AD attributes | Sumit Bose | 1 | -0/+5 | |
| The second bit of userAccountControl is used to determine if the account is enabled or disabled. accountExpires is checked to see if the account is expired. | |||||
| 2011-01-17 | Add ldap_search_enumeration_timeout config option | Sumit Bose | 1 | -0/+1 | |
| 2010-12-21 | Add authorizedService support | Stephen Gallagher | 1 | -0/+1 | |
| https://fedorahosted.org/sssd/ticket/670 | |||||
| 2010-12-07 | Replace krb5_kdcip by krb5_server in LDAP provider | Sumit Bose | 1 | -1/+1 | |
| 2010-12-07 | ldap: Use USN entries if available. | Simo Sorce | 1 | -0/+7 | |
| Otherwise fallback to the default modifyTimestamp indicator | |||||
| 2010-12-07 | ldap: add checks to determine if USN features are available. | Simo Sorce | 1 | -0/+17 | |
| 2010-12-06 | Add ldap_chpass_uri config option | Sumit Bose | 1 | -0/+2 | |
| 2010-12-06 | Add new account expired rule to LDAP access provider | Sumit Bose | 1 | -0/+2 | |
| Two new options are added to the LDAP access provider to allow a broader range of access control rules to be evaluated. 'ldap_access_order' makes it possible to run more than one rule. To keep compatibility with older versions the default is 'filter'. This patch adds a new rule 'expire'. 'ldap_account_expire_policy' specifies which LDAP attribute should be used to determine if an account is expired or not. Currently only 'shadow' is supported which evaluates the ldap_user_shadow_expire attribute. | |||||
| 2010-11-04 | Use (default)namingContext to set empty search bases | Sumit Bose | 1 | -0/+5 | |
| 2010-11-04 | Add defaultNamingContext to RootDSE attributes | Sumit Bose | 1 | -0/+2 | |
| 2010-10-22 | Add ldap_deref option | Sumit Bose | 1 | -0/+1 | |
| 2010-10-18 | Add option to limit nested groups | Simo Sorce | 1 | -0/+1 | |
| 2010-10-13 | Add infrastructure to LDAP provider for netgroup support | Sumit Bose | 1 | -0/+13 | |
| 2010-10-13 | Initialize kerberos service for GSSAPI | Jakub Hrozek | 1 | -0/+1 | |
| 2010-10-13 | Add KDC to the list of LDAP options | Jakub Hrozek | 1 | -0/+1 | |
 |
index : sssd | |
| System Security Services Daemon | ben |
| summaryrefslogtreecommitdiff |