When DNS plugin is installed via ipa-dns-install and user has a valid
Kerberos ticket at the time, the DNS installation is corrupt and named
won't start, reporting Preauthentication error.
When the non-DM identity is used for authentication, krbprincipalkey
attribute in DNS service LDAP record is
On Thu, 2011-07-14 at 23:05 +, JR Aquino wrote:
On Jul 14, 2011, at 11:55 AM, wrote:
https://fedorahosted.org/freeipa/ticket/1272
* Added new container in etc to hold the automembership configs.
* Modified constants to point to the new container
* Modified dsinstance to create
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication agreement
management. The syntax is the same for IPA agreements with the exception
that the DM password is always required and it isn't possible to
delegate the management of this.
ticket
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication agreement
management. The syntax is the same for IPA agreements with the exception
that the DM password is always required and it isn't
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication agreement
management. The syntax is the same for IPA agreements with the exception
that the DM password is always required
Martin Kosek wrote:
On Tue, 2011-07-12 at 15:11 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-01 at 11:41 -0400, Rob Crittenden wrote:
enrolledBy represents the DN of the entry that enrolled a host. We don't
want an admin to manipulate this but an aci allowed it. This was a
Martin Kosek wrote:
On Wed, 2011-06-22 at 18:03 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
Install tools may fail with unexpected error when IPA server is not
installed on a system. Improve user experience by implementing
a check to affected tools.
Jan Cholasta wrote:
On 27.6.2011 20:42, Rob Crittenden wrote:
Document registering to an entitlement server with a UUID as not
implemented.
It was my understanding that we would be able to pass in an existing
UUID when registering to connect to an existing registration (for the
case where IPA
Martin Kosek wrote:
On Thu, 2011-07-07 at 12:01 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Remove deny from the available type options and prevent new ones from
being created (either directly or via a mod).
Type now defaults to allow and will autofill so on the cli the user
won't be
On Thu, 2011-07-14 at 17:41 +0200, Martin Kosek wrote:
On Tue, 2011-07-12 at 15:49 +0200, Jan Cholasta wrote:
This patch fixes reverse DNS zone creation so that a /24 IPv4 and /64
IPv6 reverse zones are created by default. The reverse zone can be
customized using new --reverse-zone option
Martin Kosek wrote:
On Thu, 2011-07-14 at 23:05 +, JR Aquino wrote:
On Jul 14, 2011, at 11:55 AM, wrote:
https://fedorahosted.org/freeipa/ticket/1272
* Added new container in etc to hold the automembership configs.
* Modified constants to point to the new container
* Modified dsinstance
Martin Kosek wrote:
When DNS plugin is installed via ipa-dns-install and user has a valid
Kerberos ticket at the time, the DNS installation is corrupt and named
won't start, reporting Preauthentication error.
When the non-DM identity is used for authentication, krbprincipalkey
attribute in DNS
On Fri, 2011-07-15 at 11:34 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
When DNS plugin is installed via ipa-dns-install and user has a valid
Kerberos ticket at the time, the DNS installation is corrupt and named
won't start, reporting Preauthentication error.
When the non-DM
On Tue, 2011-07-05 at 13:41 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Rob Crittenden wrote:
389-ds postop plugins, such as the managed entry and memberof plugins,
add values after the data has been returned to the client. In the case
of the managed entry plugin this affects the
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication agreement
management. The syntax is the same for IPA agreements with the
Rich Megginson wrote:
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication agreement
management. The syntax is the same for IPA
On 07/15/2011 10:57 AM, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do dogtag replication
Martin Kosek wrote:
When a replica for self-signed server is being installed, the
installer crashes with Not a dogtag CA installation. Make sure
that installation is handled correctly for both dogtag and
self-signed replicas.
https://fedorahosted.org/freeipa/ticket/1479
ack, pushed to master
Martin Kosek wrote:
Implement a test for new dnszone-find option --forward-only.
Fix example for reverse zone (zone was not fully qualified and
DNS plugin would forbid adding PTR records).
https://fedorahosted.org/freeipa/ticket/1473
This looks ok, just one minor thing: can you add deleting
Rich Megginson wrote:
On 07/15/2011 10:57 AM, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden wrote:
Add a separate tool for now to do
On 07/15/2011 01:24 PM, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 10:57 AM, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob
On 15.07.2011 22:41, Rob Crittenden wrote:
Alexander Bokovoy wrote:
nack.
I don't believe this fixes the reported problem. This patch affects
un-installation in which case whether sssd was selected or not doesn't
matter, we're just trying to restore the previous state (so tangentially
I
On 15.7.2011 21:24, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 10:57 AM, Rob Crittenden wrote:
Rich Megginson wrote:
On 07/15/2011 08:01 AM, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-07-15 at 14:43 +0200, Jan Cholasta wrote:
On 15.7.2011 05:42, Rob Crittenden
With the recent object_name/label changes some tests were failing that
were expecting the old value which contained a space. This fixes them.
rob
From fdfc6b4e7a6c65a00d72e23c33a7b9e9eb5927e3 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Fri, 15 Jul 2011 17:18:42 -0400
Jan Cholasta wrote:
On 28.6.2011 20:08, Rob Crittenden wrote:
Jan Cholasta wrote:
On 21.6.2011 14:15, Jan Cholasta wrote:
This patch adds a new option name_from_ip to dnszone commands. Default
value of idnsname is created from this option.
Honza
Fixed the API version number, added usage
Martin Kosek wrote:
Passing a number of long type to IPA Int parameter invokes
user-unfriendly error message about incompatible types. This patch
improves Int parameter with user understandable message along with
maximum value he can pass.
https://fedorahosted.org/freeipa/ticket/1346
nack. We
Martin Kosek wrote:
On Tue, 2011-07-05 at 13:41 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Rob Crittenden wrote:
389-ds postop plugins, such as the managed entry and memberof plugins,
add values after the data has been returned to the client. In the case
of the managed entry plugin
27 matches
Mail list logo