Commits - freeipa - Pagure.io

Become IPA 4.1.5

Tomas Babej • 5 years ago

572124c

ipasam: fix a use-after-free issue

Sumit Bose • 5 years ago

47df949

ipasam: use more restrictive search filter for group lookup

Sumit Bose • 5 years ago

bc0d6b4

ipasam: fix wrong usage of talloc_new()

Sumit Bose • 5 years ago

c87ce19

enable debugging of ntpd during client installation

Martin Babinsky • 5 years ago

bd1e314

Server Upgrade: fix memberUid index

Martin Basti • 5 years ago

f6901e5

Fix indicies ntUserDomainId, ntUniqueId

Martin Basti • 5 years ago

cf2587c

migration: Use api.env variables.

David Kupka • 5 years ago

e40a6bc

ipa-kdb: filter out group membership from MS-PAC for exact SID matches too

Alexander Bokovoy • 5 years ago

d69603c

ipa-kdb: use proper memory chunk size when moving sids

Alexander Bokovoy • 5 years ago

74c80e8

FIX: Clear SSSD caches when uninstalling the client

Martin Basti • 5 years ago

56db663

webui: add mangedby tab to otptoken

Petr Vobornik • 5 years ago

5439e7a

idviews: Remove ID overrides for permanently removed users and groups

Tomas Babej • 5 years ago

12f3da5

idviews: Allow users specify the raw anchor directly as identifier

Tomas Babej • 5 years ago

7e61317

idviews: Set dcerpc detection flag properly

Tomas Babej • 5 years ago

534822b

DNSSEC: Store time & date key metadata in UTC.

Petr Spacek • 5 years ago

840bf5f

Clear SSSD caches when uninstalling the client

Gabe • 5 years ago

222427c

DNSSEC: Improve ipa-ods-exporter log messages with key metadata.

Petr Spacek • 5 years ago

a983140

DNSSEC: Add ability to trigger full data synchronization to ipa-ods-exporter.

Petr Spacek • 5 years ago

4840b50

DNSSEC: log ipa-ods-exporter file lock operations into debug log

Petr Spacek • 5 years ago

70ee45c

DNSSEC: ipa-ods-exporter: move zone synchronization into separate function

Petr Spacek • 5 years ago

fd5ace8

DNSSEC: Accept ipa-ods-exporter commands from command line.

Petr Spacek • 5 years ago

8fc6fa7

DNSSEC: Detect invalid master keys in LDAP.

Petr Spacek • 5 years ago

17fcdc3

Bump minimal BIND version for CentOS.

Petr Spacek • 5 years ago

bb396d4

Hide traceback in ipa-dnskeysyncd if kinit failed.

Petr Spacek • 5 years ago

6f9d16f

Fix OTP token URI generation

Nathaniel McCallum • 5 years ago

de7aed1

DNSSEC: fix traceback during shutdown phase

Martin Basti • 5 years ago

a5d8d79

DNSSEC: Detect zone shadowing with incorrect DNSSEC signatures.

Petr Spacek • 5 years ago

c5e6f97

DNSSEC: validate forward zone forwarders

Martin Basti • 5 years ago

9a90ef2

DNSSEC: Improve global forwarders validation

Martin Basti • 5 years ago

e8f3956

Add compatibility function for older libkrb5

Simo Sorce • 5 years ago

aae54b2

Detect default encsalts kadmin password change

Simo Sorce • 5 years ago

7077622

replica-manage: Properly delete nested entries

Tomas Babej • 5 years ago

aa83d20

ipaserver/dcerpc: Ensure LSA pipe has session key before using it

Alexander Bokovoy • 5 years ago

d74f938

client-install: Fix kinits with non-default Kerberos config file

Jan Cholasta • 5 years ago

f6f94ae

DNSSEC: update OpenDNSSEC KASP configuration

Martin Basti • 5 years ago

9b7fe37

DNSSEC: FIX Do not re-create kasp.db if already exists

Martin Basti • 5 years ago

d7cfc11

Unsaved changes dialog internally inconsistent

Gabe • 5 years ago

5ac5564

Fix a signedness bug in OTP code

Nathaniel McCallum • 5 years ago

352360a

suppress errors arising from deleting non-existent files during client uninstall

Martin Babinsky • 5 years ago

b04435a

point the users to PKI-related logs when CA configuration fails

Martin Babinsky • 5 years ago

04fbbbb

Make lint work on Fedora 22.

David Kupka • 5 years ago

0acfd39

Removed recommendation from ipa-adtrust-install

Thorsten Scherf • 5 years ago

f838e80

Adopted kinit_keytab and kinit_password for kerberos auth

Martin Babinsky • 5 years ago

0ca8254

ipa-client-install: try to get host TGT several times before giving up

Martin Babinsky • 5 years ago

48095ca

ipautil: new functions kinit_keytab and kinit_password

Martin Babinsky • 5 years ago

3749c8d

do not install CA on replica during integration test if setup_ca=False

Martin Babinsky • 5 years ago

f47da5a

DNSSEC CI tests

Martin Basti • 5 years ago

f3b5d16

do not log BINDs to non-existent users as errors

Martin Babinsky • 5 years ago

ede3298

Ipatests DNS SOA Record Maintenance

Ales 'alich' Marecek • 5 years ago

8f94ac1

DNSSEC: Do not log into files

Martin Basti • 5 years ago

e27b9d1

Skip time sync during client install when using --no-ntp

Nathan Kinder • 5 years ago

b5969c1

Become IPA 4.1.4

Petr Vobornik • 5 years ago

1b46fad

slapi-nis: require 0.54.2 for CVE-2015-0283 fixes

Alexander Bokovoy • 5 years ago

93302a8

extdom: fix wrong realloc size

Sumit Bose • 5 years ago

fd8e796

fix Makefile.am for daemons

Alexander Bokovoy • 5 years ago

447c5c7

show the exception message thrown by dogtag._parse_ca_status during install

Martin Babinsky • 5 years ago

d7863f3

migrate-ds: print out failed attempts when no users/groups are migrated

Martin Babinsky • 5 years ago

3284cbf

upload_cacrt: Fix empty cACertificate in cn=CAcert

Jan Cholasta • 5 years ago

f0a49b9

client: Fix ca_is_enabled calls

Jan Cholasta • 5 years ago

6e67210

client-install: Do not crash on invalid CA certificate in LDAP

Jan Cholasta • 5 years ago

ad77613

certstore: Make certificate retrieval more robust

Jan Cholasta • 5 years ago

4154c88

extdom: fix memory leak

Sumit Bose • 5 years ago

179be3c

extdom: return LDAP_NO_SUCH_OBJECT to the client

Sumit Bose • 5 years ago

c556323

extdom: make nss buffer configurable

Sumit Bose • 5 years ago

ec7a55a

extdom: handle ERANGE return code for getXXYYY_r() calls

Sumit Bose • 5 years ago

5bd4b7a

Add configure check for cwrap libraries

Sumit Bose • 5 years ago

cc6fc37

ipa-dns-install: use STARTTLS to connect to DS

Martin Babinsky • 5 years ago

41ca3fb

Timeout when performing time sync during client install

Nathan Kinder • 5 years ago

80aeb44

ipa-replica-prepare can only be created on the first master

Gabe • 5 years ago

169a37d

Fix dead code in ipap11helper module

Martin Basti • 5 years ago

939fd3d

DNS: remove NSEC3PARAM from records

Martin Basti • 5 years ago

5f191e8

DNS fix: do not show part options for unsupported records

Martin Basti • 5 years ago

d89fca7

DNS fix: do not traceback if unsupported records are in LDAP

Martin Basti • 5 years ago

56f0eb4

p11helper: clarify error message

Petr Spacek • 5 years ago

8fefd63

p11helper: use sizeof() instead of magic constants

Petr Spacek • 5 years ago

40f56e5

p11helper: standardize indentation and other visual aspects of the code

Petr Spacek • 5 years ago

a6d7e8d

Remove unused method from ipap11pkcs helper module

Martin Basti • 5 years ago

4e2ddfb

Fix memory leaks in ipap11helper

Martin Basti • 5 years ago

508ad92

DNSSEC add support for CKM_RSA_PKCS_OAEP mechanism

Martin Basti • 5 years ago

c411d6a

Limit deadlocks between DS plugin DNA and slapi-nis

root • 5 years ago

5c36114

Restore default.conf and use it to build API.

David Kupka • 5 years ago

253f9ad

Use IPA CA certificate when available and ignore NO_TLS_LDAP when not.

David Kupka • 5 years ago

0344f24

ipatests: Add tests for valid and invalid ipa-advise

Gabe • 5 years ago

ddd7fb6

ipa-replica-prepare should document ipv6 options

Gabe • 5 years ago

3ab7f55

ipa-range-check: do not treat missing objects as error

Sumit Bose • 5 years ago

e8b3ed3

idviews: Use case-insensitive detection of Default Trust View

Tomas Babej • 5 years ago

96624f2

Stop including the DES algorythm from openssl.

Simo Sorce • 5 years ago

840903c

Add a clear OpenSSL exception.

Simo Sorce • 5 years ago

ecbef04

Remove references to GPL v2.0 license

Martin Kosek • 5 years ago

4ddcca6

ipalib: Make sure correct attribute name is referenced for fax

Tomas Babej • 5 years ago

73f6d69

ipatests: Add coverage for adding and removing sshpubkeys in ID overrides

Tomas Babej • 5 years ago

6667701

ipatests: add missing ssh object classes to idoverrideuser

Petr Vobornik • 5 years ago

bfef4d2

Become IPA 4.1.3

Petr Vobornik • 5 years ago

7f560c5

Changing the token owner changes also the manager

Martin Babinsky • 5 years ago

c985de1

group-detach does not add correct objectclasses

Martin Kosek • 5 years ago

2dd54c9

Fix TOTP Synchronization Window label

Petr Vobornik • 5 years ago

f1abbbc

permission-add does not prompt for ipapermright in interactive mode

Gabe • 5 years ago

0ffe759

migrate-ds: exit with error message if no users/groups to migrate are found

Martin Babinsky • 5 years ago

f7e6102

ipa-kdb: reject principals from disabled domains as a KDC policy

Alexander Bokovoy • 5 years ago

6d6e924

ipa-kdb: when processing transitions, hand over unknown ones to KDC

Alexander Bokovoy • 5 years ago

0d3b4cd

Handle DAL ABI change in MIT 1.13

Simo Sorce • 5 years ago

6162426

Bump 389-ds-base and pki-ca dependencies for POODLE fixes

Jan Cholasta • 5 years ago

caf70a1

Fix reference counting in pkcs11 extension

Martin Basti • 5 years ago

2f4ed3c

ipa-client-install: put eol character after the last line of altered config file(s)

Martin Babinsky • 5 years ago

919f0db

Typos in ipa-rmkeytab options help and man page

Gabe • 5 years ago

d251e52

OTP: emit a log message when LDAP entry for config record is not found

Martin Babinsky • 5 years ago

5bad375

ipa-uuid: emit a message when unexpected mod type is encountered

Martin Babinsky • 5 years ago

f28facb

ipa-pwd-extop: added an informational comment about intentional fallthrough

Martin Babinsky • 5 years ago

b5d29c7

OTP: failed search for the user of last token emits an error message

Martin Babinsky • 5 years ago

8242660

ipa-kdb: more robust handling of principal addition/editing

Martin Babinsky • 5 years ago

b0a8623

always get PAC for client principal if AS_REQ is true

Martin Babinsky • 5 years ago

8e56f49

ipa-kdb: unexpected error code in 'ipa_kdb_audit_as_req' triggers a message

Martin Babinsky • 5 years ago

e38c13e

Use dyndns_update instead of deprecated sssd option

Martin Basti • 6 years ago

031bdca

Moved dbus-python dependence to freeipa-python package

Martin Babinsky • 6 years ago

f5352a8

idviews: Allow setting ssh public key on ipauseroverride-add

David Kupka • 6 years ago

0dc7448

Do not crash when replica is unreachable in ipa-restore

Jan Cholasta • 6 years ago

74853b6

Create correct log directories during full restore in ipa-restore

Jan Cholasta • 6 years ago

275fb2d

ipatests: Fix incorrect assumptions in idviews tests

Tomas Babej • 6 years ago

375ab7a

ipatests: Fix old command references in the ID views tests

Tomas Babej • 6 years ago

72ca23c

ipatests: Add coverage for referential integrity plugin applied on ipaAssignedIDView

Tomas Babej • 6 years ago

60e157c

Always return absolute idnsname in dnszone commands

Martin Basti • 6 years ago

270253a

DNSSEC: fix root zone dns name conversion

Martin Basti • 6 years ago

64cf307

DNSSEC catch ldap exceptions in ipa-dnskeysyncd

Martin Basti • 6 years ago

3b75c20

Print PublicError traceback when in debug mode

Martin Kosek • 6 years ago

877321e

Revert "Make all ipatokenTOTP attributes mandatory"

Jan Cholasta • 6 years ago

5b99024

Add anonymous read ACI for DUA profile

Martin Kosek • 6 years ago

b54b740

Add debug messages into client autodetection

Martin Basti • 6 years ago

1bde1b0

Put LDIF files to their original location in ipa-restore

Jan Cholasta • 6 years ago

8559941

Replication Administrators cannot remove replication agreements

Martin Kosek • 6 years ago

338831a

Do not assume certmonger is running in httpinstance

Jan Cholasta • 6 years ago

f204b28

Allow Replication Administrators manipulate Winsync Agreements

Martin Kosek • 6 years ago

794c9e6

Allow PassSync user to locate and update NT users

Martin Kosek • 6 years ago

282d1ec

ipa-cldap: support NETLOGON_NT_VERSION_5EX_WITH_IP properly

Alexander Bokovoy • 6 years ago

426759f

Support Samba PASSDB 0.2.0 aka interface version 24

Alexander Bokovoy • 6 years ago

ecd6896

DNS tests: warning if forward zone is inactive

Martin Basti • 6 years ago

3952035

Detect and warn about invalid DNS forward zone configuration

Martin Basti • 6 years ago

0348331

Fix validation of ipa-restore options

Jan Cholasta • 6 years ago

6950e7b

Make certificate renewal process synchronized

Jan Cholasta • 6 years ago

760ebaa

Restart dogtag when its server certificate is renewed

Jan Cholasta • 6 years ago

ff52891

Do not crash on unknown services in installutils.stopped_service

Jan Cholasta • 6 years ago

065e2bb

Fix CA certificate renewal syslog alert

Jan Cholasta • 6 years ago

818136b

Remove RUV from LDIF files before using them in ipa-restore

Jan Cholasta • 6 years ago

eb79170

Fix ipa-restore on systems without IPA installed

Jan Cholasta • 6 years ago

a98bc23

baseldap: Handle missing parent objects properly in *-find commands

Tomas Babej • 6 years ago

4413446

Abort backup restoration on not matching host.

David Kupka • 6 years ago

640a4b3

Remove ipanttrustauthincoming/ipanttrustauthoutgoing from ipa trust-add output.

David Kupka • 6 years ago

333b899

New test cases for Forward_zones

Martin Basti • 6 years ago

9f3b445

DNS tests: separate current forward zone tests

Martin Basti • 6 years ago

e5cd6f2

rpcclient: use json_encode_binary for verbose output

Petr Vobornik • 6 years ago

872ba41

migrate-ds: fix compat plugin check

Petr Vobornik • 6 years ago

63ba170

Fix traceback if zonemgr error contains unicode

Martin Basti • 6 years ago

fb1d848

Bump SSSD Requires to 1.12.3

Martin Kosek • 6 years ago

30dae37

Fix zone find during forwardzone upgrade

Martin Basti • 6 years ago

39a4f68

Fix: Upgrade forwardzones zones after adding newer replica

Martin Basti • 6 years ago

11740bc

Remove the removal of the ccache

Simo Sorce • 6 years ago

2d2230e

Avoid calling ldap functions without a context

Simo Sorce • 6 years ago

7a90106

Always add /etc/hosts record when DNS is being configured.

David Kupka • 6 years ago

30868db

idviews: Ignore host or hostgroup options set to None

Tomas Babej • 6 years ago

86a7dfc

idviews: Complain if host is already assigned the ID View in idview-apply

Tomas Babej • 6 years ago

12f6969

Remove dependency on subscription-manager

Gabe • 6 years ago

bd5947a

Fix don't check certificate during getting CA status

Martin Basti • 6 years ago

8440c2e

Show SSHFP record containing space in fingerprint

Martin Basti • 6 years ago

d229c4a

Refer the user to freeipa.org when something goes wrong in ipa-cacert-manage

Jan Cholasta • 6 years ago

3cb2f5e

Check subject name encoding in ipa-cacert-manage renew

Jan Cholasta • 6 years ago

731035e

Using wget to get status of CA

Martin Basti • 6 years ago

5052af7

revert removal of cn attribute from idnsRecord

Petr Vobornik • 6 years ago

2fa07b1

Improve validation of --instance and --backend options in ipa-restore

Jan Cholasta • 6 years ago

f92d0ef

Do not renew the IPA CA cert by serial number in dogtag-ipa-ca-renew-agent

Jan Cholasta • 6 years ago

7f1db93

Fix automatic CA cert renewal endless loop in dogtag-ipa-ca-renew-agent

Jan Cholasta • 6 years ago

9bfb16c

Upgrade fix: masking named should be executed only once

Martin Basti • 6 years ago

b13f764

webui: increase duration of notification messages

Petr Vobornik • 6 years ago

88ab70b

webui: fix service unprovisioning

Petr Vobornik • 6 years ago

d1cc285

Prefer TCP connections to UDP in krb5 clients

Nathaniel McCallum • 6 years ago

d73ed48

hosts: Display assigned ID view by default in host-find and show commands

Tomas Babej • 6 years ago

b986eb2

Create an OTP help topic

Nathaniel McCallum • 6 years ago

f5ae902

Make token auth and sync windows configurable

Nathaniel McCallum • 6 years ago

3013385

No explicit zone specification.

Jan Pazdziora • 6 years ago

8b43014

add --hosts and --hostgroup options to allow/retrieve keytab methods

Petr Vobornik • 6 years ago

1108e71

Enable last token deletion when password auth type is configured

Nathaniel McCallum • 6 years ago

a0421d8

Move authentication configuration cache into libotp

Nathaniel McCallum • 6 years ago

faa4d72

Preliminary refactoring of libotp files

Nathaniel McCallum • 6 years ago

b4e85d0

certs: Fix incorrect flag handling in load_cacert

Tomas Babej • 6 years ago

db4ac47

fix indentation in ipa-restore page

Petr Vobornik • 6 years ago

250bb5c

Throw zonemgr error message before installation proceeds

Martin Basti • 6 years ago

07e29d2

Re-initialize NSS database after otptoken plugin tests

Tomas Babej • 6 years ago

7215f7e

Use singular in help metavars + update man pages.

David Kupka • 6 years ago

2f8c4e7

Catch USBError during YubiKey location

Nathaniel McCallum • 6 years ago

a7a7e96

Fix zonemgr option encoding detection

Martin Basti • 6 years ago

e457a3e

webui: add radius fields to user page

Petr Vobornik • 6 years ago

9e18d59

Become IPA 4.1.2

Petr Vobornik • 6 years ago

ee01ea7

Add TLS 1.2 to the protocol list in mod_nss config

Jan Cholasta • 6 years ago

dc443cc

AD trust: improve trust validation

Alexander Bokovoy • 6 years ago

538e023

Fix memory leak in GetKeytabControl asn1 code

Jan Cholasta • 6 years ago

94bc7a9

Fix unchecked return value in krb5 common utils

Jan Cholasta • 6 years ago

856012e

Fix unchecked return value in ipa-join

Jan Cholasta • 6 years ago

856321b

Fix unchecked return values in ipa-winsync

Jan Cholasta • 6 years ago

d15eca0

Fix unchecked return value in ipa-kdb

Jan Cholasta • 6 years ago

6aea2c3

Fix Kerberos error handling in ipa-sam

Jan Cholasta • 6 years ago

02f8554

Unload P11_Helper object's library when it is finalized in ipap11helper

Jan Cholasta • 6 years ago

3663b8c

Remove redefinition of LOG from ipa-otp-lasttoken

Jan Cholasta • 6 years ago

70b1a2d

copy_schema_to_ca: Fallback to old import location for ipaplatform.services

Petr Viktorin • 6 years ago

f287378

Fix error message for nonexistent members and add tests.

David Kupka • 6 years ago

192c499

webui: normalize idview tab labels

Petr Vobornik • 6 years ago

2fc53c9

webui: use domain name instead of domain SID in idrange adder dialog

Petr Vobornik • 6 years ago

9aeef07

Fix detection of encoding in zonemgr option

Martin Basti • 6 years ago

880f1e5

Use NSS protocol range API to set available TLS protocols

Rob Crittenden • 6 years ago

8ef1914

Stop tracking certificates before restoring them in ipa-restore

Jan Cholasta • 6 years ago

66db7b9

ipa-restore: Check if directory is provided + better errors.

David Kupka • 6 years ago

b40cf4b

Use correct service name in cainstance.backup_config

Jan Cholasta • 6 years ago

1b5cd5b

Fix: read_ip_addresses should return ipaddr object

Martin Basti • 6 years ago

5b397dc

Use asn1c helpers to encode/decode the getkeytab control

Simo Sorce • 6 years ago

dd3e916

Add asn1c generated code for keytab controls

Simo Sorce • 6 years ago

45ceef1

Fix filtering of enctypes in server code.

Simo Sorce • 6 years ago

f065cec

Fix --{user,group}-ignore-attribute in migration plugin.

David Kupka • 6 years ago

8ab85f1

Fix pk11helper module compiler warnings

Martin Basti • 6 years ago

b902ec2

restore: clear httpd ccache after restore

Petr Vobornik • 6 years ago

7745e0f

Restore file extended attributes and SELinux context in ipa-restore

Jan Cholasta • 6 years ago

215f545

Add additional backup & restore checks

Petr Viktorin • 6 years ago

768cccd

Raise right exception if domain name is not valid

Martin Basti • 6 years ago

1a6de2a

webui: fix potential XSS vulnerabilities

Petr Vobornik • 6 years ago

af9fd4d

Show warning instead of error if CA did not start

Martin Basti • 6 years ago

3f3f49e

Do not restore SELinux settings that were not backed up

Petr Viktorin • 6 years ago

1d7407c

Fix wrong expiration date on renewed IPA CA certificates

Jan Cholasta • 6 years ago

7aa855a

Fix warning message should not contain CLI commands

Martin Basti • 6 years ago

38130c6

Enable QR code display by default in otptoken-add

Nathaniel McCallum • 6 years ago

1cd2ca1

Update Requires on pki-ca to 10.2.1-0.1

Jan Cholasta • 6 years ago

4e11931

Fix: zonemgr must be unicode value

Martin Basti • 6 years ago

53cf615

Lower pki-ca requires to 10.1.2

Martin Kosek • 6 years ago

1a8bb5b

Add UTC date to GIT snapshot version generation

Simo Sorce • 6 years ago

43d779d

Fix named working directory permissions

Martin Basti • 6 years ago

ba12404

Add help string on how to configure multiple DNS forwards for various cli tools

Thorsten Scherf • 6 years ago

8a3389d

Ensure users exist when assigning tokens to them

Nathaniel McCallum • 6 years ago

2c1d40b

Improve otptoken help messages

Nathaniel McCallum • 6 years ago

444ae28

Produce better error in group-add command.

David Kupka • 6 years ago

cef8e06

Remove service file even if it isn't link.

David Kupka • 6 years ago

5179525

Remove unneeded internal methods. Move code to public methods.

David Kupka • 6 years ago

814479a

Upgrade: fix trusts objectclass violationi

Martin Basti • 6 years ago

60ff57b

Fix upgrade referint plugin

Martin Basti • 6 years ago

65624c9

Search using proper scope when connecting CA instances

Rob Crittenden • 6 years ago

606de21

Fix: DNS policy upgrade raises asertion error

Martin Basti • 6 years ago

1b22a53

ipaplatform: Use the dirsrv service, not target

Petr Viktorin • 6 years ago

082485c

Fix: DNS installer adds invalid zonemgr email

Martin Basti • 6 years ago

3ab75d7

Fix CA certificate backup and restore

Jan Cholasta • 6 years ago

7c2aad1

webui: prohibit setting rid base with ipa-trust-ad-posix type

Petr Vobornik • 6 years ago

c2ac4a8

idrange: include raw range type in output

Petr Vobornik • 6 years ago

0105ef6

ldapupdater: set baserid to 0 for ipa-ad-trust-posix ranges

Petr Vobornik • 6 years ago

2983a0d

unittests: baserid for ipa-ad-trust-posix idranges

Petr Vobornik • 6 years ago

b5aafa4

ranges: prohibit setting --rid-base with ipa-trust-ad-posix type

Petr Vobornik • 6 years ago

0b36c10

ipa-restore: Don't crash if AD trust is not installed

Petr Viktorin • 6 years ago

d6b79a3

ipa-server-install Directory Manager help incorrect

Gabe • 6 years ago

488c10e

Fix minimal version of BIND for Fedora 20 and 21

Petr Spacek • 6 years ago

4662f28

Update slapi-nis dependency to pull 0.54.1

Alexander Bokovoy • 6 years ago

1102db7

Become IPA 4.1.1

Petr Vobornik • 6 years ago

02ccfa1

Ensure that a password exists after OTP validation

Nathaniel McCallum • 6 years ago

a601daa

Fix upgrade: do not use invalid ldap connection

Martin Basti • 6 years ago

5d65a2a

Stop dirsrv last in ipactl stop.

David Kupka • 6 years ago

25abb11

Deadlock in schema compat plugin (between automember_update_membership task and dse update)

Thierry bordaz (tbordaz) • 6 years ago

f0bcf2b

Fix various bugs in ipap11helper

Jan Cholasta • 6 years ago

1cc27f9

Fix memory leaks in ipa-join

Jan Cholasta • 6 years ago

100262f

Fix memory leak in ipa-pwd-extop

Jan Cholasta • 6 years ago

e2d47cb

Fix various bugs in ipa-opt-counter and ipa-otp-lasttoken

Jan Cholasta • 6 years ago

2d357a3

Fix memory leaks in ipa-extdom-extop

Jan Cholasta • 6 years ago

56d8329

Fix possible NULL dereference in ipa-kdb

Jan Cholasta • 6 years ago

04a6f71

Fail if certmonger can't see new CA certificate in LDAP in ipa-cacert-manage

Jan Cholasta • 6 years ago

59af17d

Respect UID and GID soft static allocation.

David Kupka • 6 years ago

71c24b1

Fix CI tests: install_adtrust

Martin Basti • 6 years ago

49a73e1

Add bind-dyndb-ldap working dir to IPA specfile

Martin Basti • 6 years ago

a214431

Do not wait for new CA certificate to appear in LDAP in ipa-certupdate

Jan Cholasta • 6 years ago

1b940d3

Handle profile changes in dogtag-ipa-ca-renew-agent

Jan Cholasta • 6 years ago

2ee248b

Fix zone name to directory name conversion in BINDMgr.

Petr Spacek • 6 years ago

4e42d17

Fix dns zonemgr validation regression

Martin Basti • 6 years ago

75cdc50

Add ipaSshPubkey and gidNumber to the ACI to read ID user overrides

Alexander Bokovoy • 6 years ago

47ab635

Do not check if port 8443 is available in step 2 of external CA install

Jan Cholasta • 6 years ago

e22cf5b

build: increase java stack size for all arches

Petr Vobornik • 6 years ago

1300f82

Become IPA 4.1.0

Petr Vobornik • 6 years ago

5bcaea7

fix forwarder validation errors

Martin Basti • 6 years ago

04816e7

Default to use TLSv1.0 and TLSv1.1 on the IPA server side

Alexander Bokovoy • 6 years ago

77b5a81

fix DNSSEC restore named state

Martin Basti • 6 years ago

27290bf

updater: enable uid uniqueness plugin for posixAccounts

Alexander Bokovoy • 6 years ago

2bc2874

DNSSEC: remove container_dnssec_keys

Jan Cholasta • 6 years ago

98100fe

DNSSEC: change link to ipa page

Martin Basti • 6 years ago

b84fc92

DNSSEC: add files to backup

Martin Basti • 6 years ago

bcb1e91

DNSSEC: add ipa dnssec daemons

Petr Spacek • 6 years ago

dc5b3af

DNSSEC: ACI

Martin Basti • 6 years ago

4ddc978

DNSSEC: upgrading

Martin Basti • 6 years ago

d254bcb

DNSSEC: uninstallation

Martin Basti • 6 years ago

4535324

DNSSEC: installation

Martin Basti • 6 years ago

877fedf

DNSSEC: modify named service to support dnssec

Martin Basti • 6 years ago

cc50112

DNSSEC: validate forwarders

Martin Basti • 6 years ago

f01acf8

DNSSEC: platform paths and services

Martin Basti • 6 years ago

9af49ff

DNSSEC: opendnssec services

Martin Basti • 6 years ago

abf4418

DNSSEC: DNS key synchronization daemon

Martin Basti • 6 years ago

52acc54

DNSSEC: add ipapk11helper module

Martin Basti • 6 years ago

3c7bc2a

DNSSEC: schema

Martin Basti • 6 years ago

3f0440f

DNSSEC: dependencies

Martin Basti • 6 years ago

82961a0

Add mask, unmask methods for service

Martin Basti • 6 years ago

f31f5f5

spec: Bump SSSD requires to 1.12.2

Tomas Babej • 6 years ago

d969f73

webui: update combobox input on list click

Petr Vobornik • 6 years ago

9053673

webui: do not show closed dialog

Petr Vobornik • 6 years ago

d3de9c0

extdom: remove unused dependency to libsss_idmap

Sumit Bose • 6 years ago

99b10e5

extdom: add support for sss_nss_getorigbyname()

Sumit Bose • 6 years ago

85f229d

Change ipaOverrideTarget OID to avoid conflict with DNSSEC feature

Alexander Bokovoy • 6 years ago

8629f17

Remove ipaContainer, ipaOrderedContainer objectclass

Martin Basti • 6 years ago

1b7bc35

Support idviews in compat tree

Alexander Bokovoy • 6 years ago

50f46fd

webui: do not offer ipa users to Default Trust View

Petr Vobornik • 6 years ago

34fb9f0

webui: hide (un)apply buttons for Default Trust View

Petr Vobornik • 6 years ago

3485c6e

webui: hide applied to hosts tab for Default Trust View

Petr Vobornik • 6 years ago

04a3dad

webui: change order of idview's facet groups

Petr Vobornik • 6 years ago

2046470

webui: make Evented a part of base IPA.object

Petr Vobornik • 6 years ago

b05f395

webui: allow --force in dnszone-mod and dnsrecord-add

Petr Vobornik • 6 years ago

502bf56

Configure IPA OTP Last Token plugin on upgrade

Nathaniel McCallum • 6 years ago

424b099

webui: management of keytab permissions

Petr Vobornik • 6 years ago

905238f

Create ipa-otp-counter 389DS plugin

Nathaniel McCallum • 6 years ago

2f8dc3b

Display token type when viewing token

Nathaniel McCallum • 6 years ago

23878c3

Update contributors

Martin Kosek • 6 years ago

3e94aee

webui: add new iduseroverride fields

Petr Vobornik • 6 years ago

ace4bec

webui: add link to OTP token app

Petr Vobornik • 6 years ago

bb8740a

idviews: error out if appling Default Trust View on hosts

Petr Vobornik • 6 years ago

47811d1

tests: management of keytab permissions

Petr Vobornik • 6 years ago

7313ed4

keytab manipulation permission management

Petr Vobornik • 6 years ago

9cfcb03

dns: fix privileges' memberof during dns install

Petr Vobornik • 6 years ago

895f350

Check LDAP instead of local configuration to see if IPA CA is enabled

Jan Cholasta • 6 years ago

5303e63

Do not fix trust flags in the DS NSS DB in ipa-upgradeconfig

Jan Cholasta • 6 years ago

277850e

Do not create ipa-pki-proxy.conf if CA is not configured in ipa-upgradeconfig

Jan Cholasta • 6 years ago

63557c2

Remove changetype attribute from update plugin

Martin Kosek • 6 years ago

2e38855

Add ipa-client-install switch --request-cert to request cert for the host

Jan Cholasta • 6 years ago

b5f9d40

Fix certmonger.request_cert

Jan Cholasta • 6 years ago

68a36a2

Fix CA cert validity check for CA-less and external CA installer options

Jan Cholasta • 6 years ago

9607fe3

Remove token vendor, model and serial defaults

Nathaniel McCallum • 6 years ago

7ddf4b3

Remove token ID from self-service UI

Nathaniel McCallum • 6 years ago

0f69e75

Raise better error message for permission added to generated tree

Martin Kosek • 6 years ago

0a54b1c

Allow specifying signing algorithm of the IPA CA cert in ipa-ca-install

Jan Cholasta • 6 years ago

e50d197

Fix typo causing certmonger is provided with wrong path to ipa-submit.

David Kupka • 6 years ago

f046480

Fix printing of reverse zones in ipa-dns-install.

David Kupka • 6 years ago

7e5a71d

Stop dogtag when updating its configuration in ipa-upgradeconfig.

David Kupka • 6 years ago

080c863

Make named.conf template platform independent

Martin Basti • 6 years ago

bac2cc9

Add missing attributes to named.conf

Martin Basti • 6 years ago

ec928b1

Ignore irrelevant subtrees in schema compat plugin

Ludwig Krispenz • 6 years ago

57eab1e

Set IPA CA for freeipa certificates.

David Kupka • 6 years ago

eea9da2

Support MS CS as the external CA in ipa-server-install and ipa-ca-install

Jan Cholasta • 6 years ago

fdf46ac

Require slapi-nis 0.54 or later for ID views support

Alexander Bokovoy • 6 years ago

a4798c7

Update API version for ID views support

Alexander Bokovoy • 6 years ago

79c0b31

Allow override of gecos field in ID views

Alexander Bokovoy • 6 years ago

aa0f5d3

Allow user overrides to specify GID of the user

Alexander Bokovoy • 6 years ago

240d93b

Allow user overrides to specify SSH public keys

Alexander Bokovoy • 6 years ago

ad6d019

Support overridding user shell in ID views

Alexander Bokovoy • 6 years ago

8a8d2e7

Check that port 8443 is available when installing PKI.

David Kupka • 6 years ago

da61691

Support building RPMs for RHEL/CentOS 7.0

Jan Cholasta • 6 years ago

612fcf8

Add RHEL platform module

Jan Cholasta • 6 years ago

06f0b5b

Split off generic Red Hat-like platform code from Fedora platform code

Jan Cholasta • 6 years ago

4370790

Fix ipactl service ordering

Martin Basti • 6 years ago

f742138

Missing requires on python-dns in spec file

Gabe • 6 years ago

19f5ec8

DNS missing tests

Martin Basti • 6 years ago

6d10f98

Fix example usage in ipa man page.

David Kupka • 6 years ago

6e1c7df

Remove misleading authorization error message in cert-request with --add

Jan Cholasta • 6 years ago

ed5ffbf

sudo integration test: Remove the local user test

Petr Viktorin • 6 years ago

e6edbe4

webui-ci: adjust dnszone-add test to recent DNS changes

Petr Vobornik • 6 years ago

65da8e7

backup/restore: Add files from /etc/ipa/nssdb

Petr Viktorin • 6 years ago

7ada6dd

test_forced_client_reenrollment: Don't check for host certificates

Petr Viktorin • 6 years ago

4ba2ab8

Sudorule RunAsUser should work with external groups

Martin Kosek • 6 years ago

9f6f223

test_service_plugin: Do not lowercase memberof_role

Petr Viktorin • 6 years ago

9ee2c25

Move OTP synchronization step to after counter writeback

Nathaniel McCallum • 6 years ago

98debb7

Become IPA 4.1.0 Alpha 1

Petr Viktorin • 6 years ago

946291c

VERSION,Makefile: Rename "pre" to "alpha"

Petr Viktorin • 6 years ago

3cb3452

idviews: Fix typo in upgrade handling of the Default Trust View

Tomas Babej • 6 years ago

7ddebb6

webui: add link from host to idview

Petr Vobornik • 6 years ago

6388aaa

webui: list only not-applied hosts in "apply to host" dialog

Petr Vobornik • 6 years ago

7b7b98d

webui: facet group labels for idview's facets

Petr Vobornik • 6 years ago

bdf1e6c

webui: new ID views section

Petr Vobornik • 6 years ago

8a4730c

webui: add simple link column support

Petr Vobornik • 6 years ago

cd4c337

webui: allow to skip link widget link validation

Petr Vobornik • 6 years ago

e0c3344

webui: do not show internal facet name to user

Petr Vobornik • 6 years ago

86fc8ec

webui: treat value as pkey in link widget

Petr Vobornik • 6 years ago

1050ec8

webui: improve breadcrumb navigation

Petr Vobornik • 6 years ago

f3c8c4c

idviews: Create Default Trust View for upgraded servers

Tomas Babej • 6 years ago

f0b6254

idviews: Make sure only regular IPA objects are allowed to be overriden

Tomas Babej • 6 years ago

ea1aac1

idviews: Display the list of hosts when using --all

Tomas Babej • 6 years ago

60ea906

idviews: Catch errors on unsuccessful AD object lookup when resolving object name to anchor

Tomas Babej • 6 years ago

1551ff1

idviews: Make sure the dict.get method is not abused for MUST attributes

Tomas Babej • 6 years ago

0a7c10b

idviews: Handle Default Trust View properly in the framework

Tomas Babej • 6 years ago

860a50f

idviews: Add Default Trust View as part of adtrustinstall

Tomas Babej • 6 years ago

57a08ad

idviews: Make description optional for the ID View object

Tomas Babej • 6 years ago

473fbe8

idviews: Fix casing of ID Views to be consistent

Tomas Babej • 6 years ago

bdfa7ea

idviews: Update the referential plugin config to watch for ipaAssignedIDView

Tomas Babej • 6 years ago

b8bf444

idviews: Add ipaOriginalUid

Tomas Babej • 6 years ago

50fa40b

ipatests: Add xmlrpc tests for idviews plugin

Tomas Babej • 6 years ago

7c339a8

idviews: Resolve anchors to object names in idview-show

Tomas Babej • 6 years ago

731e7a5

idviews: Raise NotFound errors if object to override could not be found

Tomas Babej • 6 years ago

8b59dfa

idviews: Change format of IPA anchor to include domain

Tomas Babej • 6 years ago

49ef84c

idviews: Alter idoverride methods to work with splitted objects

Tomas Babej • 6 years ago

959a1e0

idviews: Split the idoverride commands into iduseroverride and idgroupoverride

Tomas Babej • 6 years ago

d6bc044

idviews: Split the idoverride object into iduseroverride and idgroupoverride

Tomas Babej • 6 years ago

aa39f40

idviews: Support specifying object names instead of raw anchors only

Tomas Babej • 6 years ago

b8e9dea

trusts: Add conversion from SID to object name

Tomas Babej • 6 years ago

3d89dff

idviews: Extend idview-show command to display assigned idoverrides and hosts

Tomas Babej • 6 years ago

505039c

idviews: Add ipa idview-apply and idview-unapply commands

Tomas Babej • 6 years ago

b275ba6

hostgroup: Selected PEP8 fixes for the hostgroup plugin

Tomas Babej • 6 years ago

3831c9d

hostgroup: Remove redundant and star imports

Tomas Babej • 6 years ago

457aca1

hostgroup: Add helper that returns all members of a hostgroup

Tomas Babej • 6 years ago

1625423

idvies: Add managed permissions for idview and idoverride objects

Tomas Babej • 6 years ago

be916cc

idviews: Create basic idview plugin structure

Tomas Babej • 6 years ago

6f3e3eb

ipalib: PEP8 fixes for host plugin

Tomas Babej • 6 years ago

81e3b1a

ipalib: Remove redundant and star imports from host plugin

Tomas Babej • 6 years ago

debfb01

idviews: Add ipaAssignedIDVIew reference to the host object

Tomas Babej • 6 years ago

6d6da4b

idviews: Create container for ID views under cn=accounts

Tomas Babej • 6 years ago

036ea78

idviews: Add necessary schema for the ID views

Tomas Babej • 6 years ago

5b49a37

Add missing imports to ipapython.certdb

Jan Cholasta • 6 years ago

9d061ea

Fix certmonger search for the CA cert in ipa-certupdate and ipa-cacert-manage

Jan Cholasta • 6 years ago

d04fa16

Fix certmonger.wait_for_request

Jan Cholasta • 6 years ago

7da4873

Remove ipa-ca.crt from systemwide CA store on client uninstall and cert update

Jan Cholasta • 6 years ago

9666212

Get server hostname from jsonrpc_uri in ipa-certupdate

Jan Cholasta • 6 years ago

6ab1f6c

Check if IPA client is configured in ipa-certupdate

Jan Cholasta • 6 years ago

511dc3a

Use /etc/ipa/nssdb to get nicknames of IPA certs installed in /etc/pki/nssdb

Jan Cholasta • 6 years ago

483ebf9

Use NSSDatabase instead of direct certutil calls in client code

Jan Cholasta • 6 years ago

9c07228

Add NSSDatabase.has_nickname for checking nickname presence in a NSS DB

Jan Cholasta • 6 years ago

e7b7492

Move NSSDatabase from ipaserver.certs to ipapython.certdb

Jan Cholasta • 6 years ago

017d61d

Introduce NSS database /etc/ipa/nssdb

Jan Cholasta • 6 years ago

ed2bfff

Do stricter validation of CA certificates

Jan Cholasta • 6 years ago

0c4d7da

Allow choosing CA-less server certificates by name

Jan Cholasta • 6 years ago

01623f7

CA-less installer options usability fixes

Jan Cholasta • 6 years ago

a29ee45

External CA installer options usability fixes

Jan Cholasta • 6 years ago

6136a3e

Add NSSDatabase.import_files method for importing files in various formats

Jan Cholasta • 6 years ago

b93bdb7

extdom: add support for new version

Sumit Bose • 6 years ago

2006d87

Use stack allocation when writing values during otp auth

Nathaniel McCallum • 6 years ago

ada187f

webui: do not offer ipa-ad-winsync and ipa-ipa-trust range types

Petr Vobornik • 6 years ago

d84b8fe

baseldap: Properly handle the case of renaming object to the same name

Tomas Babej • 6 years ago

0cf2dbc

Allow specifying signing algorithm of the IPA CA cert in ipa-server-install.

Jan Cholasta • 6 years ago

0815807

Do not require description in UI.

David Kupka • 6 years ago

b69510b

Detect and configure all usable IP addresses.

David Kupka • 6 years ago

579b614

ipaserver.install.service: Don't show error message on SystemExit(0)

Petr Viktorin • 6 years ago

540f416

Add 'host' setting into default.conf configuration file on client. Fix description in man page.

David Kupka • 6 years ago

d82bc63

LDAP disable service

Martin Basti • 6 years ago

df9086c

Refactoring of autobind, object_exists

Martin Basti • 6 years ago

8e0f8bc

ipa-restore: Set SELinux booleans when restoring

Petr Viktorin • 6 years ago

9b5436c

Move setting SELinux booleans to platform code

Petr Viktorin • 6 years ago

e3ba75d

ipa-kdb: fix unit tests

Sumit Bose • 6 years ago

5297cc9

Remove --ip-address, --name-server otpions from DNS help

Martin Basti • 6 years ago

0f2eb65

DNS tests: tests update to due to change in options

Martin Basti • 6 years ago

b7e3a99

WebUI: DNS: Remove ip-address, admin-email options

Martin Basti • 6 years ago

c675808

DNS: autofill admin email

Martin Basti • 6 years ago

bf61689

Add correct NS records during installation

Martin Basti • 6 years ago

637a082

Deprecation of --name-server and --ip-address option in DNS

Martin Basti • 6 years ago

18460d6

DNS test: allow '.' as zone name

Martin Basti • 6 years ago

72e0b33

Fix DNS plugin to allow to add root zone

Martin Basti • 6 years ago

c32b89d

ipa-replica-prepare: Wait for the DNS entry to be resolvable

Petr Viktorin • 6 years ago

ee4a023

upgradeinstance: Restore listeners on failure

Petr Viktorin • 6 years ago

b333e7a

test_permission_plugin: Check legacy permissions

Petr Viktorin • 6 years ago

5cae989

FIX: ldap schmema updater needs correct ordering of the updates

Martin Basti • 6 years ago

d8d5b2e

WebUI: DNS: remove --class option

Martin Basti • 6 years ago

12c49d8

DNS: remove --class option

Martin Basti • 6 years ago

7d61444

webui-ci: case-insensitive record check

Petr Vobornik • 6 years ago

c66b1ec

webui: fix regression in association facet preop

Petr Vobornik • 6 years ago

18cb8d7

dnszone-remove-permission should raise error

Martin Basti • 6 years ago

7a99f22

JSON client: Log pretty-printed request and response with -vv or above

Petr Viktorin • 6 years ago

16ffb82

Add test for backup/delete system users/restore

Petr Viktorin • 6 years ago

5fc92d6

Add basic test for backup & restore

Petr Viktorin • 6 years ago

0efd4c9

Set the default attributes for RootDSE

Tomas Babej • 6 years ago

38fe3a5

Include the ipa command in client-only build

Jan Cholasta • 6 years ago

fbc6345

Include ipaplatform in client-only build

Jan Cholasta • 6 years ago

72a82b8

Allow RPM upgrade from ipa-* packages

Jan Cholasta • 6 years ago

9486f3d

Fix certmonger code causing the ca_renewal_master update plugin to fail

Jan Cholasta • 6 years ago

1a327cf

ipa_backup: Log where the backup is be stored

Petr Viktorin • 6 years ago

127e7a1

backup,restore: Don't overwrite /etc/{passwd,group}

Petr Viktorin • 6 years ago

eb4e472

ipa_restore: Split the services list

Petr Viktorin • 6 years ago

8359411

ipaserver.install: Consolidate system user creation

Petr Viktorin • 6 years ago

c210126

ipalib: host_del: Extend LDAPDelete's takes_options instead of overriding

Tomas Babej • 6 years ago

adc4abc

Allow deleting obsolete permissions; remove operational attribute permissions

Petr Viktorin • 6 years ago

a0e23ce

permission plugin: Auto-add operational atttributes to read permissions

Petr Viktorin • 6 years ago

477942b

Update referential integrity config for DS 1.3.3

Petr Viktorin • 6 years ago

f8771db

Update SSL ciphers configured in 389-ds-base

Ludwig Krispenz • 6 years ago

90e8731

webui: hide otp fields based on token type

Petr Vobornik • 6 years ago

50291e7

webui: hide non-readable fields

Petr Vobornik • 6 years ago

5369316

webui: hide empty fields and sections

Petr Vobornik • 6 years ago

e27a774

webui: widget initialization

Petr Vobornik • 6 years ago

009d272

webui: better value-change reporting

Petr Vobornik • 6 years ago

a43af5c

webui: display fields based on otp token type

Petr Vobornik • 6 years ago

935a6a1

webui: add i18n for the rest of QR code strings

Petr Vobornik • 6 years ago

bb114e3

webui: add token from user page

Petr Vobornik • 6 years ago

c1bf152

webui: better otp token type label

Petr Vobornik • 6 years ago

46e5e69

webui: add measurement unit to otp token time fields

Petr Vobornik • 6 years ago

26d2688

Fix typo causing ipa-upgradeconfig to fail.

David Kupka • 6 years ago

f29d3d8

Update qrcode support for newer python-qrcode

Nathaniel McCallum • 6 years ago

0436858

install: create ff krb extension on every install, replica install and upgrade

Petr Vobornik • 6 years ago

97aebf8

webui: append network.negotiate-auth.trusted-uris

Petr Vobornik • 6 years ago

de90d7d

Fix hardcoded lib dir in freeipa.spec

Gabe • 6 years ago

ce86e5d

Use autobind when updating CA people entries during certificate renewal

Jan Cholasta • 6 years ago

be4d5bf

Remove internaldb password from password.conf

Ana Krivokapic • 6 years ago

712cb04

webui: notify psw change success only once

Petr Vobornik • 6 years ago

f8fc3bb

webui: switch associators if default doesn't work

Petr Vobornik • 6 years ago

cb2dc9c

webui: do not show login error when switching back from otp sync screen

Petr Vobornik • 6 years ago

e77f0b9

webui: adjust behavior of bounce url

Petr Vobornik • 6 years ago

c946029

No longer generate a machine certificate on client installs

Rob Crittenden • 6 years ago

058c1f4

Backup CS.cfg before modifying it

Jan Cholasta • 6 years ago

b6c7e5f

Fix: Add managed read permissions for compat tree and operational attrs

Petr Viktorin • 6 years ago

cd80528

webui: extract complex pkey on Add and Edit

Petr Vobornik • 6 years ago

2fd4f40

Allow user to force Kerberos realm during installation.

David Kupka • 6 years ago

a28d9b8

Make CA-less ipa-server-install option --root-ca-file optional.

Jan Cholasta • 6 years ago

be65682

Add managed read permissions for compat tree

Petr Viktorin • 6 years ago

9bcd885

Do not restart apache server when not necessary.

David Kupka • 6 years ago

ccc3762

Tests: DNS wildcard records

Martin Basti • 6 years ago

031677c

FIX DNS wildcard records (RFC4592)

Martin Basti • 6 years ago

803dc81

Fix DNS record rename test

Martin Basti • 6 years ago

a327363

Test: DNS NS validation

Martin Basti • 6 years ago

c7dc1b5

DNS fix NS record coexistence validator

Martin Basti • 6 years ago

f605fe8

Tests: DNS dsrecord validation

Martin Basti • 6 years ago

2863fc9

DNSSEC: fix DS record validation

Martin Basti • 6 years ago

7348832

Use certmonger D-Bus API instead of messing with its files.

David Kupka • 6 years ago

78b2a7a

Fix dnsrecord-mod raise error if last record attr is removed

Martin Basti • 6 years ago

9e8aed8

ipa-client-install: Do not add already configured sources to nsswitch.conf entries

Tomas Babej • 6 years ago

5aead1f

Normalize external CA cert before passing it to pkispawn

Jan Cholasta • 6 years ago

451c2e2

Add record(s) to /etc/host when IPA is configured as DNS server.

David Kupka • 6 years ago

7baf8fe

Ensure ipaUserAuthTypeClass when needed on user creation

Nathaniel McCallum • 6 years ago

480512f

permission plugin: Improve description of the target option

Petr Viktorin • 6 years ago

6456046

permission plugin: Make --target available in the CLI

Petr Viktorin • 6 years ago

c01c616

freeipa.spec.in: Add python-backports-ssl_match_hostname to BuildRequires

Petr Viktorin • 6 years ago

cac070b

CLIENT: Explicitly require python-backports-ssl_match_hostname

Jakub Hrozek • 6 years ago

c034044

Allow changing CA renewal master in ipa-csreplica-manage.

Jan Cholasta • 6 years ago

aae7848

ipaserver/dcerpc.py: Make sure trust is established only to forest root domain

Alexander Bokovoy • 6 years ago

d54d7ad

ipaserver/dcerpc.py: be more open to what domains can be seen through the forest trust

Alexander Bokovoy • 6 years ago

e8a28b0

ipaserver/dcerpc.py: Avoid hitting issue with transitive trusts on Windows Server prior to 2012

Alexander Bokovoy • 6 years ago

4f17f64

ipaserver/dcerpc.py: make PDC discovery more robust

Alexander Bokovoy • 6 years ago

214c23b

ipaserver/dcerpc.py: if search of a closest GC failed, try to find any GC

Alexander Bokovoy • 6 years ago

2bcf79e

ipa trust-add command should be interactive

Gabe • 6 years ago

8bb2af0

webui: fix group type padding

Petr Vobornik • 6 years ago

2752f8e

webui: disable batch action buttons by default

Petr Vobornik • 6 years ago

dd45278

webui: sshkey widget - usability fixes

Petr Vobornik • 6 years ago

a8a7998

webui: improve rule table css

Petr Vobornik • 6 years ago

189f6fd

webui: convert widget.less indentation to spaces

Petr Vobornik • 6 years ago

500db90

service: Normalize service principal in get_dn

Petr Viktorin • 6 years ago

e497688

Support delegating RBAC roles to service principals

Petr Viktorin • 6 years ago

e5b78c2

webui: better authentication types description

Petr Vobornik • 6 years ago

af83c37

webui: tooltip support

Petr Vobornik • 6 years ago

c1290a7

webui: rename tooltip to title

Petr Vobornik • 6 years ago

9554b51

webui: login screen - improved button switching

Petr Vobornik • 6 years ago

b378540

webui: improved info msgs on login/token sync/reset pwd pages

Petr Vobornik • 6 years ago

6864727

webui: display expired session notification in a more visible area

Petr Vobornik • 6 years ago

6f8dc9d

Change BuildRequires for Java

Stephen Gallagher • 6 years ago

a692799

webui-ci: fix table widget add

Petr Vobornik • 6 years ago

4fde716

webui: better error reporting

Petr Vobornik • 6 years ago

23413e9

freeipa

Source Code

Commits 7931