On 6/26/2012 9:46 AM, Petr Vobornik wrote:
This is patch is more like a draft.
I'm not sure where to display the 'password is going to expire'
notification.
I was deciding between:
1) red bold text in Web UI header
2) popup dialog after Web UI initialization
I don't like unwanted pop-up di
El mar, 26-06-2012 a las 13:39 -0400, Dmitri Pal escribió:
> On 06/26/2012 01:28 PM, Rich Megginson wrote:
> > On 06/26/2012 11:13 AM, Dmitri Pal wrote:
> > > On 06/26/2012 11:11 AM, Loris Santamaria wrote:
> > > > El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
> > > > > On 06/25/201
On Tue, 26 Jun 2012, Endi Sukma Dewata wrote:
On 6/26/2012 12:53 PM, Rich Megginson wrote:
IPA will keep all of your passwords in sync - userPassword,
sambaNTPassword, sambaLMPassword, and your kerberos passwords. 389
cannot do this - the functionality that does this is provided by an
IPA passwo
On 6/26/2012 12:53 PM, Rich Megginson wrote:
IPA will keep all of your passwords in sync - userPassword,
sambaNTPassword, sambaLMPassword, and your kerberos passwords. 389
cannot do this - the functionality that does this is provided by an
IPA password plugin. Openldap has a similar plugin, but
On Tue, 2012-06-26 at 14:48 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > ipaNTHash contains security sensitive information, it should be hidden just
> > like other password attributes. As a part of preparation for ticket #2511,
> > the ACI allowing global access is also updated to hide DN
Petr Viktorin wrote:
In my patch 62 I fixed output validation. Since that patch was rejected,
I'm submitting the fix separately.
https://fedorahosted.org/freeipa/ticket/2860
ACK, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.c
Petr Viktorin wrote:
Fixing a typo in the ipa-rmkeytab man page.
Over the past few months I also found a few typos in docstrings and
comments. I'm including those in the patch.
ACK, pushed to master.
rob
___
Freeipa-devel mailing list
Freeipa-deve
On 6/26/2012 12:36 PM, Petr Vobornik wrote:
I'm testing using self-signed CA. When I open the host/service details
page there's a JS error at certificate.js:928 (undefined
status_revoked), so the page seems to hang and looks blank. In the old
code the status_revoked panel will only be created if
Martin Kosek wrote:
ipaNTHash contains security sensitive information, it should be hidden just
like other password attributes. As a part of preparation for ticket #2511,
the ACI allowing global access is also updated to hide DNS zones.
https://fedorahosted.org/freeipa/ticket/2856
There is a c
On 06/26/2012 11:39 AM, Dmitri Pal wrote:
On 06/26/2012 01:28 PM, Rich Megginson wrote:
On 06/26/2012 11:13 AM, Dmitri Pal wrote:
On 06/26/2012 11:11 AM, Loris Santamaria wrote:
El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
On 06/25/2012 09:02 PM, Loris Santamaria wrote:
Hi,
wh
On 06/26/2012 01:28 PM, Rich Megginson wrote:
> On 06/26/2012 11:13 AM, Dmitri Pal wrote:
>> On 06/26/2012 11:11 AM, Loris Santamaria wrote:
>>> El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
On 06/25/2012 09:02 PM, Loris Santamaria wrote:
> Hi,
>
> while using freeIPA
On 06/26/2012 11:13 AM, Dmitri Pal wrote:
On 06/26/2012 11:11 AM, Loris Santamaria wrote:
El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
On 06/25/2012 09:02 PM, Loris Santamaria wrote:
Hi,
while using freeIPA as a user database for a samba installation I found
a problem in the enf
On 06/26/2012 11:11 AM, Loris Santamaria wrote:
> El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
>> On 06/25/2012 09:02 PM, Loris Santamaria wrote:
>>> Hi,
>>>
>>> while using freeIPA as a user database for a samba installation I found
>>> a problem in the enforcement of password polic
ipaNTHash contains security sensitive information, it should be hidden just
like other password attributes. As a part of preparation for ticket #2511,
the ACI allowing global access is also updated to hide DNS zones.
https://fedorahosted.org/freeipa/ticket/2856
From 1ce1eff4f259821fc9bc7fa8699c4eb
El mar, 26-06-2012 a las 10:35 -0400, Dmitri Pal escribió:
> On 06/25/2012 09:02 PM, Loris Santamaria wrote:
> > Hi,
> >
> > while using freeIPA as a user database for a samba installation I found
> > a problem in the enforcement of password policies. FreeIPA password
> > policies are more detail
This is patch is more like a draft.
I'm not sure where to display the 'password is going to expire'
notification.
I was deciding between:
1) red bold text in Web UI header
2) popup dialog after Web UI initialization
I don't like unwanted pop-up dialogs so I used first option.
I didn't make
Martin Kosek wrote:
On 06/25/2012 09:35 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On 06/22/2012 07:27 PM, Rob Crittenden wrote:
Martin Kosek wrote:
On Wed, 2012-06-20 at 13:23 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Rob Crittenden wrote:
Here is a tool
Loris Santamaria wrote:
Hi,
while using freeIPA as a user database for a samba installation I found
a problem in the enforcement of password policies. FreeIPA password
policies are more detailed than samba's, in freeIPA one may enforce
password history and the number of character classes in a pa
On 06/25/2012 09:02 PM, Loris Santamaria wrote:
> Hi,
>
> while using freeIPA as a user database for a samba installation I found
> a problem in the enforcement of password policies. FreeIPA password
> policies are more detailed than samba's, in freeIPA one may enforce
> password history and the nu
On 06/25/2012 04:59 PM, Petr Viktorin wrote:
On 06/20/2012 05:43 PM, Ondrej Hamada wrote:
On 06/15/2012 07:36 AM, Martin Kosek wrote:
On Thu, 2012-06-14 at 16:35 -0400, Rob Crittenden wrote:
Ondrej Hamada wrote:
Improved options checking so that host-mod operation is not changing
password for
Hi,
while using freeIPA as a user database for a samba installation I found
a problem in the enforcement of password policies. FreeIPA password
policies are more detailed than samba's, in freeIPA one may enforce
password history and the number of character classes in a password, but
normally samba
Updated patch attached.
On 06/25/2012 05:09 PM, Endi Sukma Dewata wrote:
On 6/12/2012 7:48 AM, Petr Vobornik wrote:
This is a continuation of effort which transforms status widgets with
buttons executing actions to separate status widget and action panels.
This patch strips certificate status w
On 06/25/2012 06:22 PM, Martin Kosek wrote:
> On 06/25/2012 06:18 PM, Alexander Bokovoy wrote:
>> On Mon, 25 Jun 2012, Endi Sukma Dewata wrote:
>>> On 6/25/2012 10:33 AM, Petr Vobornik wrote:
On 06/25/2012 04:52 PM, Petr Vobornik wrote:
> On 06/25/2012 04:37 PM, Alexander Bokovoy wrote:
>>
On Sun, Jun 17, 2012 at 09:47:20PM +0200, Sumit Bose wrote:
> On Thu, Jun 14, 2012 at 02:25:01PM +0200, Sumit Bose wrote:
> > On Thu, Jun 14, 2012 at 07:54:40AM -0400, Simo Sorce wrote:
> > > On Thu, 2012-06-14 at 12:35 +0200, Sumit Bose wrote:
> > > > On Wed, Jun 13, 2012 at 08:38:23PM -0400, Simo
Hi,
this patch fixes a small typo and silences a compiler warning. I think
it is right to use authdata instead of &authdata here, but I have to
admit that I cannot say why we have not seen any issues before.
bye,
Sumit
From 94ee2395539bad666f0ffea4ccb688d4a5330582 Mon Sep 17 00:00:00 2001
From: S
Hi,
this patch contains the KDC part of the external groups handling. If
group SIDs from the PAC can be found in the ipaExternalGroup objects and
the external groups are member of local groups, the SIDs of the local
groups are added to the PAC. If the PAC this then read by the SSSD pac
responder t
On 06/25/2012 09:35 PM, Rob Crittenden wrote:
> Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> On 06/22/2012 07:27 PM, Rob Crittenden wrote:
Martin Kosek wrote:
> On Wed, 2012-06-20 at 13:23 -0400, Rob Crittenden wrote:
>> Rob Crittenden wrote:
>>> Rob Crittenden wrote:
27 matches
Mail list logo