[Freeipa-devel] [PATCH] 0096 caacl: fix regression in rule instantiation

The attached patch fixes a kerberos.Principal-related regression. Thanks, Fraser From c3d4bee34f4a1aa6afafee07851e8b5557860331 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 28 Jul 2016 10:55:45 +1000 Subject: [PATCH] caacl: fix regression in rule instantiation

Re: [Freeipa-devel] [DESIGN] Text-based rules for CSR autogeneration using Jinja2

On 07/21/2016 11:43 AM, Petr Spacek wrote: On 20.7.2016 19:25, Ben Lipton wrote: On 07/20/2016 12:21 PM, Simo Sorce wrote: On Wed, 2016-07-20 at 12:14 -0400, Ben Lipton wrote: On 07/20/2016 10:37 AM, Simo Sorce wrote: On Wed, 2016-07-20 at 10:17 -0400, Ben Lipton wrote: On 07/20/2016 06:27

Re: [Freeipa-devel] [PATCH] 0002 Add client install option to set ipa_backup_server

On 26.07.2016 17:01, Ariel Barria wrote: Hello everyone. I send patch for review. Regards, Hello, thank you for the patch, but I have a few comments: 1) can you please use option --backup-server instead of --ipa-backup-server to be consistent with --server (as we don't have option

Re: [Freeipa-devel] [PATCH] webui test: bunch of patches which fix webui patches

On 27.07.2016 17:40, Lenka Doudova wrote: On 07/27/2016 03:00 PM, Lenka Doudova wrote: On 07/20/2016 04:43 PM, Pavel Vomacka wrote: On 07/11/2016 06:33 PM, Pavel Vomacka wrote: Hello, please review these patches. First four of them fixes patches and the last one fixes small bug

Re: [Freeipa-devel] [PATCH 0195] Create indexes for krbCanonicalName attribute

On 27.07.2016 18:26, thierry bordaz wrote: On 07/22/2016 03:43 PM, Martin Babinsky wrote: On 07/22/2016 02:37 PM, thierry bordaz wrote: Hi Martin, The patch looks good. Just a question krbPrincipalName is caseExactIA5Match but is also indexed caseIgnoreIA5Match. Do you think it would be

[Freeipa-devel] [PATCH 0004-0012] Automatic CSR generation

Hi all, I think the automatic CSR generation feature (https://fedorahosted.org/freeipa/ticket/4899, http://www.freeipa.org/page/V4/Automatic_Certificate_Request_Generation) is stable enough to review now. The following are summaries of the attached patches: 0004: LDAP schema changes for the

Re: [Freeipa-devel] [PATCH 0195] Create indexes for krbCanonicalName attribute

On 07/22/2016 03:43 PM, Martin Babinsky wrote: On 07/22/2016 02:37 PM, thierry bordaz wrote: Hi Martin, The patch looks good. Just a question krbPrincipalName is caseExactIA5Match but is also indexed caseIgnoreIA5Match. Do you think it would be need for krbCanonicalName as well ? thanks

Re: [Freeipa-devel] [PATCH] webui test: bunch of patches which fix webui patches

On 07/27/2016 03:00 PM, Lenka Doudova wrote: On 07/20/2016 04:43 PM, Pavel Vomacka wrote: On 07/11/2016 06:33 PM, Pavel Vomacka wrote: Hello, please review these patches. First four of them fixes patches and the last one fixes small bug in WebUI which causes that some tests fail.

Re: [Freeipa-devel] [PATCH 0194] harden the check for trust namespace overlap in new principals

On 26/07/16 13:18, Martin Babinsky wrote: On 07/21/2016 12:56 PM, Martin Babinsky wrote: '*-add-principal' would crash with error if the trusted domains did not have any UPN suffixes or NETBIOS name associated with them. This patch fixes that. Big thanks to Milan who found and reported the

Re: [Freeipa-devel] [PATCH] webui test: bunch of patches which fix webui patches

On 07/20/2016 04:43 PM, Pavel Vomacka wrote: On 07/11/2016 06:33 PM, Pavel Vomacka wrote: Hello, please review these patches. First four of them fixes patches and the last one fixes small bug in WebUI which causes that some tests fail. https://fedorahosted.org/freeipa/ticket/6050

Re: [Freeipa-devel] [PATCH 0196] baseldap: Fix MidairCollision instantiation during entry modification

On 07/26/2016 05:22 PM, Alexander Bokovoy wrote: On Tue, 26 Jul 2016, Martin Babinsky wrote: Fix for https://fedorahosted.org/freeipa/ticket/6097 Since this issue was found during investigation of other ticket[1], you can test it by performing steps to reproduce #6041, but instead of internal

Re: [Freeipa-devel] [PATCH 42-47][tests] RFE: Allow users to authenticate with alternative names

Hi Milan, the tests seem to work as expected except `test_enterprise_principal_UPN_overlap_without_additional_suffix` which crashes on #6099. I have a few comments, however: This is a test that hits a known bug. I have added an expected fail marker for it. Patch 42: 1.) +class

[Freeipa-devel] documentation: Manually Configuring a Linux Client & host-add-managedby

Hello list, question from users led me to reading about host-add-managedby. While doing so I found out procedure listed on https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/#host-setup-proc and I wonder if it