summaryrefslogtreecommitdiff
path: root/src/providers
AgeCommit message (Collapse)AuthorFilesLines
2012-05-04Modify behavior of pam_pwd_expiration_warningJan Zeleny2-16/+57
New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider.
2012-05-03LDAP: Add support for enumeration of ID-mapped users and groupsStephen Gallagher1-31/+102
2012-05-03LDAP: Treat groups with unmappable SIDs as non-POSIX groupsStephen Gallagher1-9/+12
2012-05-03LDAP: Add helper function to map IDsStephen Gallagher5-119/+81
This function will also auto-create a new ID map if the domain has not been seen previously.
2012-05-03LDAP: Do not remove uidNumber and gidNumber attributes when saving id-mapped ↵Stephen Gallagher2-0/+16
entries
2012-05-03LDAP: Add helper routine to convert LDAP blob to SID stringStephen Gallagher5-68/+195
2012-05-03LDAP: Map the user's primaryGroupIDStephen Gallagher4-12/+69
2012-05-03LDAP: Enable looking up id-mapped groups by GIDStephen Gallagher1-2/+45
2012-05-03LDAP: Allow looking up ID-mapped groups by nameStephen Gallagher2-29/+125
2012-05-03LDAP: Enable looking up id-mapped users by UIDStephen Gallagher1-6/+43
2012-05-03LDAP: Allow automatically-provisioning a domain and rangeStephen Gallagher1-3/+43
If we get a user who is a member of a domain we haven't seen before, add a domain entry (auto-assigning its slice). Since we don't know the domain's real name, we'll just save the domain SID string as the name as well.
2012-05-03LDAP: Add routine to extract domain SID from an object SIDStephen Gallagher2-0/+49
Also makes the domain prefix macros from sss_idmap public.
2012-05-03LDAP: Allow setting a default domain for id-mapping slice 0Stephen Gallagher4-0/+42
2012-05-03LDAP: Add autorid compatibility modeStephen Gallagher4-8/+17
2012-05-03LDAP: Enable looking up ID-mapped users by nameStephen Gallagher2-9/+55
2012-05-03LDAP: Initialize ID mapping when configuredStephen Gallagher2-0/+10
2012-05-03LDAP: Add ID mapping range settingsStephen Gallagher3-0/+9
2012-05-03LDAP: Add helper routines for ID-mappingStephen Gallagher2-0/+334
2012-05-03LDAP: Add id-mapping optionStephen Gallagher3-0/+3
2012-05-03LDAP: Add objectSID config optionStephen Gallagher3-0/+10
2012-05-03Read sysdb attribute name, not LDAP attribute map nameJakub Hrozek1-2/+2
https://fedorahosted.org/sssd/ticket/1320
2012-05-03SSH: Add dp_get_host_send to common responder codeJakub Hrozek3-30/+24
Instead of using account_info request, creates a new ssh specific request. This improves code readability and will make the code more flexible in the future. https://fedorahosted.org/sssd/ticket/1176
2012-05-03Rename split_service_name_filterJakub Hrozek1-16/+16
The function was used outside services code which was confusing due to its name. This patch renames it to sound more netrual.
2012-05-03IPA: Check return valuesJakub Hrozek2-2/+12
2012-05-03PROXY: return correct return codesJakub Hrozek1-7/+9
We were reporting on the value of "status" instead of "ret'. We also didn't set ret to EOK in cases group contained no members.
2012-05-02DP: return correct error message when subdomains back end target is not ↵Jakub Hrozek1-1/+1
configured The done handler uses the value of status, not ret.
2012-05-02HBAC: Prevent NULL dereference in hbac_evaluateJakub Hrozek1-2/+4
'info' is optional parameter and can be set to NULL
2012-05-02ipa_get_config_send: remove unused assignmentJakub Hrozek1-1/+0
2012-05-02IPA netgroups: return EOK when there are no netgroups to processJakub Hrozek1-0/+1
If the code fell through the loop, ret would have been random value.
2012-05-02LDAP: check return value of sysdb_attrs_get_elJakub Hrozek1-0/+7
2012-05-01execv, excvp and exec_child never return EOKStef Walter2-10/+6
* So don't need to handle that case
2012-04-24Utilize sysdb context within be_req in HBACJan Zeleny1-2/+2
2012-04-24Detect subdomain request in IPA access providerJan Zeleny1-0/+10
2012-04-24Accept be_req instead if be_ctx in LDAP access providerJan Zeleny3-15/+16
2012-04-24Carry sysdb context and domain info in be_req structureJan Zeleny2-0/+5
2012-04-24Basic support for subdomains in auth providerJan Zeleny3-3/+13
2012-04-24Add ID operations in subdomainsJan Zeleny3-0/+276
2012-04-24Add s2n extended operationSumit Bose2-0/+667
2012-04-24Add domain name to get_account_info requestSumit Bose2-0/+10
2012-04-24IPA: Add get-domains targetSumit Bose6-0/+425
2012-04-24data provider: added subdomainsSumit Bose3-2/+167
2012-04-24Responder part of the subdomain retrieval workJan Zeleny1-0/+1
2012-04-20Get the RootDSE after binding if not successfull beforeJakub Hrozek1-26/+104
https://fedorahosted.org/sssd/ticket/1258
2012-04-20Convert read and write operations to sss_atomic_readJakub Hrozek3-78/+52
https://fedorahosted.org/sssd/ticket/1209
2012-04-20sdap_check_aliases must not error when detects the same userJakub Hrozek1-13/+31
https://fedorahosted.org/sssd/ticket/1307
2012-04-20Free controls in sdap_rebind_procJakub Hrozek1-4/+6
2012-04-20proxy: new option proxy_fast_aliasJakub Hrozek3-43/+123
2012-04-20proxy: Canonicalize user and group namesJakub Hrozek1-312/+354
https://fedorahosted.org/sssd/ticket/1249
2012-04-18Fixed minor memory leak in ldap providerJan Zeleny1-0/+1
2012-04-18Fixed memory context in sdap_fill_memberships()Jan Zeleny1-1/+1
generated by cgit (git 2.34.1) at 2024-06-30 18:12:28 +0000