[Freeipa-devel] [PATCH] [solarus] 001 Indirect roles in WebUI

2012-07-11 Thread Petr Vobornik
We have a Web UI patch in track submitted by David Spångberg (solarus). I'm sending it here to keep order. https://fedorahosted.org/freeipa/ticket/2899 I ACKed and pushed it to master. Problem description: We use roles to determine whether to show self-service or admin interface for non-admin

Re: [Freeipa-devel] DN patch and documentation

2012-07-11 Thread Petr Viktorin
On 07/07/2012 08:45 PM, John Dennis wrote: The DN work I was doing on master is ready for review and testing. It's been a long haul and I've been working relentlessly to get this work completed. I am on PTO for a week starting today (I know bad timing) but I spent yesterday and my first day of

Re: [Freeipa-devel] [PATCH] 283 Improve address family handling in sockets

2012-07-11 Thread Martin Kosek
On 07/04/2012 09:13 AM, Martin Kosek wrote: I did various tests with IPv4 and IPv6 and everything worked for me. I also tried a mixed IPv4+IPv6 and IPv6-only environment and I was able to install an IPv6-only replica without issues. --- Many functions use low-level socket interface for

Re: [Freeipa-devel] [PATCH] 0089 Fix batch command error reporting

2012-07-11 Thread Martin Kosek
On 07/10/2012 05:58 PM, Petr Viktorin wrote: There are a few problems with Batch plugin error reporting: - It reports the text of all errors, not only PublicError. In the normal (non-batch) RPC interface, we hide non-public errors under a generic internal error message. - Errors are not

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Alexander Bokovoy
On Sat, 07 Jul 2012, Simo Sorce wrote: When installing the adtrust code we need to be able to get the ipaNTHash populated as in some cases we may need it to authenticate connections over SMB w/o using kerberos during the trust setup phase. The NT hash is really just the same thing as the

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Simo Sorce
On Wed, 2012-07-11 at 14:55 +0300, Alexander Bokovoy wrote: On Sat, 07 Jul 2012, Simo Sorce wrote: When installing the adtrust code we need to be able to get the ipaNTHash populated as in some cases we may need it to authenticate connections over SMB w/o using kerberos during the trust setup

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Alexander Bokovoy
On Wed, 11 Jul 2012, Simo Sorce wrote: On Wed, 2012-07-11 at 14:55 +0300, Alexander Bokovoy wrote: On Sat, 07 Jul 2012, Simo Sorce wrote: When installing the adtrust code we need to be able to get the ipaNTHash populated as in some cases we may need it to authenticate connections over SMB w/o

[Freeipa-devel] [PATCH 0029] Add documentation for serial_autoincrement feature

2012-07-11 Thread Petr Spacek
Hello, this patch adds documentation for serial_autoincrement feature to README. Petr^2 Spacek From 6abf6d54ca1b61e699118813aa24808edbcede0c Mon Sep 17 00:00:00 2001 From: Petr Spacek pspa...@redhat.com Date: Wed, 11 Jul 2012 15:04:50 +0200 Subject: [PATCH] Add documentation for

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Simo Sorce
On Wed, 2012-07-11 at 15:41 +0300, Alexander Bokovoy wrote: If users don't have RC4-HMAC key and don't have ipaNTHash set, they can't log in to smbd anyway until they change their password. Yes the point is that you may have users you do not want to give a password to. No need to keep

[Freeipa-devel] [PATCH] [one-liner] 0069 Fix wrong option name in ipa-managed-entries man page

2012-07-11 Thread Petr Viktorin
The page said `-y` but the actual option is `-p`. -- Petr³ From 594d0b4a905962c37fbc36242bab18529503 Mon Sep 17 00:00:00 2001 From: Petr Viktorin pvikt...@redhat.com Date: Wed, 11 Jul 2012 09:19:31 -0400 Subject: [PATCH] Fix wrong option name in ipa-managed-entries man page The page said

Re: [Freeipa-devel] [PATCH] [one-liner] 0069 Fix wrong option name in ipa-managed-entries man page

2012-07-11 Thread Martin Kosek
On 07/11/2012 03:31 PM, Petr Viktorin wrote: The page said `-y` but the actual option is `-p`. ACK. Pushed to master. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Alexander Bokovoy
On Wed, 11 Jul 2012, Simo Sorce wrote: On Wed, 2012-07-11 at 15:41 +0300, Alexander Bokovoy wrote: If users don't have RC4-HMAC key and don't have ipaNTHash set, they can't log in to smbd anyway until they change their password. Yes the point is that you may have users you do not want to

[Freeipa-devel] [PATCH 0030] Prevent doubled LDAP queries during nonexistent DNS name lookup

2012-07-11 Thread Petr Spacek
Hello, this patch fixes a bug introduced by CVE-2012-2134 fix (commit cd33194c5a61e98cba53212458cce02b849077ba). From cd33194c5a61e98cba53212458cce02b849077ba up to now each query for nonexistent DNS name results in two (exactly same) LDAP queries. Petr^2 Spacek From

Re: [Freeipa-devel] [PATCH] 0066 Arrange stripping .po files

2012-07-11 Thread Petr Viktorin
On 06/25/2012 01:17 PM, Petr Viktorin wrote: The translation files we currently store in Git are full of redundant information: source strings for untranslated messages, and file locations. The first causes unnecessarily huge files. The second makes diffs unreadable: when code is edited and line

Re: [Freeipa-devel] DN patch and documentation

2012-07-11 Thread Petr Viktorin
On 07/07/2012 08:45 PM, John Dennis wrote: The DN work I was doing on master is ready for review and testing. It's been a long haul and I've been working relentlessly to get this work completed. I am on PTO for a week starting today (I know bad timing) but I spent yesterday and my first day of

Re: [Freeipa-devel] [PATCH] 167 Add and remove dns per-domain permission in Web UI

2012-07-11 Thread Petr Vobornik
On 07/10/2012 07:40 AM, Endi Sukma Dewata wrote: On 7/9/2012 6:55 AM, Petr Vobornik wrote: Patch functionality depends on not yet posted pviktori's patch which adds error_code (in case of command error) to batch response. Patch description: This patch adds support for new per-domain

[Freeipa-devel] [PATCH] 286-288 Warn when ID range with incorrect size was created

2012-07-11 Thread Martin Kosek
IPA 3.0 introduced range ID objects in replicated space which specify a range of IDs assigned via DNA plugin. ipa-ldap-updater generates the default ID range which should correspond with IDs assigned to IPA users. However, since correct range size is not known, we should at least warn that a

Re: [Freeipa-devel] DN patch and documentation

2012-07-11 Thread Alexander Bokovoy
On Wed, 11 Jul 2012, Petr Viktorin wrote: On 07/07/2012 08:45 PM, John Dennis wrote: The DN work I was doing on master is ready for review and testing. It's been a long haul and I've been working relentlessly to get this work completed. I am on PTO for a week starting today (I know bad timing)

Re: [Freeipa-devel] [PATCHES][RFC] Implement special operation to recover NT hash for a user

2012-07-11 Thread Simo Sorce
On Wed, 2012-07-11 at 16:40 +0300, Alexander Bokovoy wrote: On Wed, 11 Jul 2012, Simo Sorce wrote: On Wed, 2012-07-11 at 15:41 +0300, Alexander Bokovoy wrote: If users don't have RC4-HMAC key and don't have ipaNTHash set, they can't log in to smbd anyway until they change their password.

Re: [Freeipa-devel] [PATCH] 285 Add automount map/key update permissions

2012-07-11 Thread Rob Crittenden
Martin Kosek wrote: Add missing permissions that can be used to delegate write access to existing automount maps or keys. Since automount key RDN has been changed in the past from automountkey to description and there can be LDAP entries with both RDNs, structure of relevant ACI need to be

Re: [Freeipa-devel] [PATCH] 286-288 Warn when ID range with incorrect size was created

2012-07-11 Thread Rob Crittenden
Martin Kosek wrote: IPA 3.0 introduced range ID objects in replicated space which specify a range of IDs assigned via DNA plugin. ipa-ldap-updater generates the default ID range which should correspond with IDs assigned to IPA users. However, since correct range size is not known, we should at

Re: [Freeipa-devel] [PATCH] 286-288 Warn when ID range with incorrect size was created

2012-07-11 Thread Martin Kosek
On 07/11/2012 09:27 PM, Rob Crittenden wrote: Martin Kosek wrote: IPA 3.0 introduced range ID objects in replicated space which specify a range of IDs assigned via DNA plugin. ipa-ldap-updater generates the default ID range which should correspond with IDs assigned to IPA users. However,