On Mon, 2011-10-03 at 16:44 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-26 at 22:24 -0400, Rob Crittenden wrote:
We can't assume that there will be only one naming context. Look at each
one until we find an IPA one.
Add logging so you can know that a migration
On Mon, 2011-10-03 at 15:16 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-19 at 09:03 -0400, Rob Crittenden wrote:
Jan Cholasta wrote:
On 16.9.2011 21:16, Rob Crittenden wrote:
Prompt for the current password when changing your own password using
ipa passwd.
I had
Add a function for formatting network locations of the form host:port
for use in URLs.
If the host part is a literal IPv6 address, it must be enclosed in
square brackets (RFC 2732).
https://fedorahosted.org/freeipa/ticket/1869
In the ticket it is suggested to create a host name and network
On 3.10.2011 12:36, Martin Kosek wrote:
Installing IPA server --selfsign option is currently a one-way ticket
to server with limited certificate capabilities. Make sure that user
really want to install it by implementing the following steps:
- moving the option to the bottom of certificate
When getpass.getpass() function is interrupted via CTRL+D, EOFError
exception is thrown. Most of the install tools are not prepared for
this event and crash with this exception. Make sure that it is
handled properly and nice error message is printed.
https://fedorahosted.org/freeipa/ticket/1916
https://fedorahosted.org/freeipa/ticket/1913
From 5485ef8811c1e97dcbc7e462a8c814bb80f8de17 Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Tue, 4 Oct 2011 10:52:47 +0200
Subject: [PATCH] Fix ipa-managed-entries password option long form
On 27.9.2011 10:15, Sumit Bose wrote:
Hi,
currently the change password plugin does not check if the connection is
coming from a local LDAPI socket and denies password change requests via
LDAPI. This patch changes the check to just look at the overall SSF of
the connection which covers all
On Tue, 2011-10-04 at 10:34 +0200, Jan Cholasta wrote:
On 3.10.2011 12:36, Martin Kosek wrote:
Installing IPA server --selfsign option is currently a one-way ticket
to server with limited certificate capabilities. Make sure that user
really want to install it by implementing the following
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
--
/ Alexander Bokovoy
From 6bb9520e2398a22c0264276171714ea5d201f83a Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 4 Oct 2011 13:56:12 +0300
Subject: [PATCH] Setup and restore ntp configuration on
Hi,
attached patch fixes https://fedorahosted.org/freeipa/ticket/1775
--
/ Alexander Bokovoy
From e956fb4cb1738cb98d006973db0016868204c10c Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 4 Oct 2011 14:33:36 +0300
Subject: [PATCH] Configure pam_krb5 on the client
On Fri, 2011-09-30 at 16:15 -0400, Simo Sorce wrote:
On Fri, 2011-09-30 at 16:02 -0400, Stephen Gallagher wrote:
On Thu, 2011-09-29 at 15:20 +0200, Martin Kosek wrote:
How to test:
1) Add new naming context (suffix) to your LDAP database with installed
IPA (see attached LDIF). The
On 26.9.2011 21:52, John Dennis wrote:
The IPAdmin class in ipaserver/ipaldap.py has methods with anonymous
undefined parameter lists.
For example:
def getList(self,*args):
In Python syntax this means you can call getList with any positional
parameter list you want.
This is bad because:
Hi,
when help is displayed, for options that require values we show their
type. With string enumerations this does not really help to the user
as it is unclear what are the values of the enumeration.
Attached patch fixes it by providing nicer list of possible values.
Martin Kosek wrote:
On Mon, 2011-10-03 at 16:44 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-26 at 22:24 -0400, Rob Crittenden wrote:
We can't assume that there will be only one naming context. Look at each
one until we find an IPA one.
Add logging so you can know that a
On Tue, 2011-10-04 at 08:53 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-10-03 at 16:44 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-26 at 22:24 -0400, Rob Crittenden wrote:
We can't assume that there will be only one naming context. Look at each
one
Martin Kosek wrote:
On Mon, 2011-10-03 at 15:16 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-19 at 09:03 -0400, Rob Crittenden wrote:
Jan Cholasta wrote:
On 16.9.2011 21:16, Rob Crittenden wrote:
Prompt for the current password when changing your own password using
ipa
On Tue, 2011-10-04 at 08:03 -0400, Stephen Gallagher wrote:
On Fri, 2011-09-30 at 16:15 -0400, Simo Sorce wrote:
On Fri, 2011-09-30 at 16:02 -0400, Stephen Gallagher wrote:
On Thu, 2011-09-29 at 15:20 +0200, Martin Kosek wrote:
How to test:
1) Add new naming context (suffix) to your
On Tue, 2011-10-04 at 08:59 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-10-03 at 15:16 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-19 at 09:03 -0400, Rob Crittenden wrote:
Jan Cholasta wrote:
On 16.9.2011 21:16, Rob Crittenden wrote:
Prompt for
Martin Kosek wrote:
On Tue, 2011-10-04 at 08:53 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-10-03 at 16:44 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-26 at 22:24 -0400, Rob Crittenden wrote:
We can't assume that there will be only one naming context.
On 10/04/2011 09:32 AM, Rob Crittenden wrote:
Adam Young wrote:
It is possible to generate a Certificate signing request from the
browser, if we use Mozilla specific code. I've mildly hacked the Mozilla
sample code to work with JQuery and to display the CSR to the screen,
instead of sending it
Alexander Bokovoy wrote:
Hi,
when help is displayed, for options that require values we show their
type. With string enumerations this does not really help to the user
as it is unclear what are the values of the enumeration.
Attached patch fixes it by providing nicer list of possible values.
On Tue, 2011-10-04 at 09:26 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Tue, 2011-10-04 at 08:53 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-10-03 at 16:44 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-09-26 at 22:24 -0400, Rob Crittenden wrote:
On 10/04/2011 04:07 AM, Jan Cholasta wrote:
Looks good Jan, thank you. ACK
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://fedorahosted.org/freeipa/ticket/1922
gidNumber is not an allowed attribute for a non-posix group. When
adding a non-posix group from the UI, unchecking the Is this a POSIX
group?: box should disable the GID: field.
--
Petr Vobornik
From 3e329f7f6e26cf839681c95d163625223fb2c546 Mon
Jan Cholasta wrote:
Work around pkisilent bugs.
Check directory manager password for invalid characters.
(https://bugzilla.redhat.com/show_bug.cgi?id=658641)
Shell-escape pkisilent command-line arguments.
(https://bugzilla.redhat.com/show_bug.cgi?id=741180)
Once the bugs are fixed, the
On Tue, 04 Oct 2011, Jan Cholasta wrote:
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, in module
On 4.10.2011 20:53, Alexander Bokovoy wrote:
On Tue, 04 Oct 2011, Jan Cholasta wrote:
On 4.10.2011 13:00, Alexander Bokovoy wrote:
client
Reply-To:
Hi,
attached patch addresses ticket #1770.
ipa-client-install fails with:
Traceback (most recent call last):
File
On Tue, 04 Oct 2011, Jan Cholasta wrote:
Now ipa-client-install --uninstall fails with:
Traceback (most recent call last):
File /usr/sbin/ipa-client-install, line 1165, in module
sys.exit(main())
File /usr/sbin/ipa-client-install, line 1147, in main
return uninstall(options,
I started reading this page, and the description for --pkinit_pin looked
wrong. While in there, I figured it might be useful to note that the
PKCS#12 files also contain the private keys.
Nalin
From 8fe270e43d7790dbd4210be9ff212ce410e3da69 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai
29 matches
Mail list logo