The aci plugin didn't quite work with the new ldap2 backend, fix that.
We already walk through the target part of the ACI syntax so skip that in the regex altogether. This now lets us handle all current ACIs in IPA (some used to be ignored/skipped)
Add support for user groups so one can do v1-style delegation (group A can write attributes x,y,z in group B). It is actually quite a lot more flexible than that but you get the idea. I'm not sure yet but it might be better to split this out into a separate plugin, or to make a simple mode or something.
Improve error messages in the aci library (so you can better know what broke, not just that it is broken).
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-devel mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-devel