Required Password params were prompted for like any other non-Password params,
resulting in the password being displayed on the command line and there was no
confirmation.
Ticket #361
Pavel
From f8451a7b94f226f3e5b4181f464de52e2dfbad2d Mon Sep 17 00:00:00 2001
From: Pavel Zuna
On Wed, 24 Nov 2010 08:51:23 +0100
Jan Zelený jzel...@redhat.com wrote:
Rob Crittenden rcrit...@redhat.com wrote:
Catch when retrieving the CA chain from dogtag fails and report a
friendlier error. Also don't try to free the XML document unless it
has been created.
To test this do an
Simo Sorce wrote:
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittendenrcrit...@redhat.com wrote:
aci: (targetattr != userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory ||
krbMKey)(version 3.0; acl Enable Anonymous access; allow (read,
search, compare)
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden rcrit...@redhat.com wrote:
+aci: (targetattr != userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey ||
krbTicketPolicyReference
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/23/2010 04:32 PM, Simo Sorce wrote:
On Tue, 23 Nov 2010 16:07:47 -0500
Rob Crittenden rcrit...@redhat.com wrote:
I don't want to throw a wrench in, but what if you have multiple
replicas in various distant locations, WHICH server is the
On 11/24/2010 03:48 AM, Pavel Zuna wrote:
On 11/19/2010 04:23 PM, Jakub Hrozek wrote:
On Tue, Nov 09, 2010 at 04:55:50AM +0100, Pavel Zůna wrote:
If the parent and child entries have the same attribute as primary
key (such as in the DNS schema), we need to rename the parent key
to prevent a
Simo Sorce wrote:
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittendenrcrit...@redhat.com wrote:
+aci: (targetattr != userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey ||
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/22/2010 04:21 PM, Jakub Hrozek wrote:
On 11/22/2010 04:16 PM, Jakub Hrozek wrote:
The code handles it (I just ran a quick test with --schema=RFC2307bis).
It just iterates through all members of a group -- be it user member of
group member,
On 11/24/2010 03:46 AM, Pavel Zuna wrote:
On 11/24/2010 03:26 AM, Adam Young wrote:
On 11/23/2010 09:37 AM, Pavel Zuna wrote:
Finally managed to rewrite the DNS plugin again. Sorry, it took so
long, we had training in the office and I also had a nasty bug in
baseldap.py I couldn't find.
Stephen Gallagher wrote:
On 11/23/2010 04:32 PM, Simo Sorce wrote:
On Tue, 23 Nov 2010 16:07:47 -0500
Rob Crittenden rcrit...@redhat.com wrote:
I don't want to throw a wrench in, but what if you have multiple
replicas in various distant locations, WHICH server is the time
relative to?
On 11/24/2010 10:21 AM, Adam Young wrote:
On 11/24/2010 03:46 AM, Pavel Zuna wrote:
On 11/24/2010 03:26 AM, Adam Young wrote:
On 11/23/2010 09:37 AM, Pavel Zuna wrote:
Finally managed to rewrite the DNS plugin again. Sorry, it took so
long, we had training in the office and I also had a nasty
Duration
New grammar allows DDHHMM for the duration. UI proposes to limit the
duration to less than 24 hours since more than 24 hour windows can start
overlapping and thus allowing to enter duration days was confusing to
the users who tried the UI. We need to reconcile this a bit
From 9bc3cc9897741ac720747ecd4a3b4d4f31de7232 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Tue, 23 Nov 2010 22:24:50 -0500
Subject: [PATCH] action panel formatting
Cleans up the indentation of the action panel
Puts the sudo and HBAC entries in a consistent order
---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/24/2010 11:26 AM, Dmitri Pal wrote:
Duration
New grammar allows DDHHMM for the duration. UI proposes to limit the
duration to less than 24 hours since more than 24 hour windows can start
overlapping and thus allowing to enter duration
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/24/2010 11:15 AM, Dmitri Pal wrote:
Stephen Gallagher wrote:
On 11/23/2010 04:32 PM, Simo Sorce wrote:
On Tue, 23 Nov 2010 16:07:47 -0500
Rob Crittenden rcrit...@redhat.com wrote:
I don't want to throw a wrench in, but what if you have
Progress!
Ok, here is the latest data from the lab.
The compat translation is almost there!!!
* The sudoers container has correctly been moved out to the top of the
tree. I think it only needs 1 small final edit, the sudo ldap default is
to look for: ou=sudoers, rather than what is currently
On Wed, 24 Nov 2010 11:26:05 -0500
Dmitri Pal d...@redhat.com wrote:
Steven, please think about the case when the rule needs to be edited
in UI and it has some value for DD - say 1.
What you display in UI then? If you do not allow to enter days and you
not allow more than 24 hours in the hour
Simo Sorce wrote:
On Wed, 24 Nov 2010 11:26:05 -0500
Dmitri Pal d...@redhat.com wrote:
Steven, please think about the case when the rule needs to be edited
in UI and it has some value for DD - say 1.
What you display in UI then? If you do not allow to enter days and you
not allow more
JR Aquino wrote:
Progress!
Ok, here is the latest data from the lab.
The compat translation is almost there!!!
* The sudoers container has correctly been moved out to the top of the
tree. I think it only needs 1 small final edit, the sudo ldap default is
to look for: ou=sudoers, rather
From d0dd106cbc247fb451cdb8f6c4c3d454d914dd38 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Tue, 23 Nov 2010 16:32:17 -0500
Subject: [PATCH] navigation format
UXD guidance to cleanup navigation.
adjusts the tab font
---
install/static/Mainnav-background.png | Bin 233 -
On Wed, 24 Nov 2010 13:12:02 -0500
Dmitri Pal d...@redhat.com wrote:
Simo Sorce wrote:
On Wed, 24 Nov 2010 11:26:05 -0500
Dmitri Pal d...@redhat.com wrote:
Steven, please think about the case when the rule needs to be
edited in UI and it has some value for DD - say 1.
What you
Hello,
It is well known that with IPA we want to try to move people from the
netgroups to host groups but many companies currently use netgroups as
hostgroups. To simplify migration I suggest that we by default always
create a managed nisnetgroup entry that would map 1-1 to the host
group using
I need to think a bit more but I think we may want to radically
simplify the grammar instead by splitting single rules (as seen in the
UI) in multiple values. And use additional attributes to aid the UI,
like having a displayTZ attribute that tells the UI what is the
preferred timezone to
If this proposal looks reasonable I will open a ticket.
JR will you be able to provide a patch that does all of this since this
is not exactly what we originally planned?
Your premise makes a lot of sense.
This is very promising news Dmitri.
Let me consider how I would accommodate the patch,
On 11/17/2010 08:58 PM, Adam Young wrote:
On 11/17/2010 05:20 PM, Endi Sukma Dewata wrote:
On 11/17/2010 2:06 PM, Adam Young wrote:
This patch doesn't apply, the index.html is already created in patch
#92.
OK. Didn't realize I had done that, though it was in another branch.
The
I added some more documentation and examples to the aci plugin on targets.
ticket 310
rob
From f155f75ce44e53bb8e6122e0eea9c2e308c7ab36 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Wed, 24 Nov 2010 14:48:51 -0500
Subject: [PATCH] Add more information and examples on
On 11/24/2010 10:51 AM, Adam Young wrote:
ACK and pushed to master.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Pushed under the 1 liner rule
From 16b935169c556135dcab2908d102a884f803fda4 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Wed, 24 Nov 2010 16:36:36 -0500
Subject: [PATCH] whoami fix
recent changes to the scope mechanism weren't propigated to the whoami call
---
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/22/2010 04:21 PM, Jakub Hrozek wrote:
On 11/22/2010 04:16 PM, Jakub Hrozek wrote:
The code handles it (I just ran a quick test with --schema=RFC2307bis).
It just iterates through all members of a group -- be it user
The attached patch modifies autogen.sh so that it runs autoreconf with
the -f flag, too, so that a source rpm package built on an F14 system
will successfully build on a system which has older autotools versions.
It also tells automake to run in its 'foreign' mode and dispenses with
some
30 matches
Mail list logo