[Freeipa-devel] [PATCHES 247-259] ID views - management part

2014-08-01 Thread Tomas Babej
Hi, the following set of patches implements the ID view creation and management of views and ID overrides in IPA. Pending questions: 1.) The patch 253 implements basic managed permissions for ID views and ID overrides. Do we want to have a separate permission for assigning ID views? 2.)

Re: [Freeipa-devel] LDAP schema for DNSSEC keys

2014-08-01 Thread Simo Sorce
On Tue, 2014-07-29 at 11:49 +0200, Jan Cholasta wrote: I don't think I'm authorized to edit bind-dyndb-ldap wiki, so I'm going to comment the steps from the link above here: I think anyone with a fedora login can change it, but thanks anyway, you clarified quite some things. I have a

Re: [Freeipa-devel] LDAP schema for DNSSEC keys

2014-08-01 Thread Martin Kosek
On 08/01/2014 01:54 PM, Simo Sorce wrote: On Tue, 2014-07-29 at 11:49 +0200, Jan Cholasta wrote: I don't think I'm authorized to edit bind-dyndb-ldap wiki, so I'm going to comment the steps from the link above here: I think anyone with a fedora login can change it, but thanks anyway, you

Re: [Freeipa-devel] LDAP schema for DNSSEC keys

2014-08-01 Thread Simo Sorce
On Fri, 2014-08-01 at 14:31 +0200, Jan Cholasta wrote: On 1.8.2014 at 13:54 Simo Sorce wrote: On Tue, 2014-07-29 at 11:49 +0200, Jan Cholasta wrote: I don't think I'm authorized to edit bind-dyndb-ldap wiki, so I'm going to comment the steps from the link above here: I think

[Freeipa-devel] [PATCH] 481 ipa-adtrust-install does not re-add member in adtrust agents

2014-08-01 Thread Martin Kosek
When a CIFS service exists and adtrust agents group does not have it as a member attribute (for whatever reason), re-running ipa-adtrust-install does not fix the inconsistency. Make the installer more robust by being able to fix the inconsistency. https://fedorahosted.org/freeipa/ticket/4464 --

Re: [Freeipa-devel] [PATCH] 481 ipa-adtrust-install does not re-add member in adtrust agents

2014-08-01 Thread Alexander Bokovoy
On Fri, 01 Aug 2014, Martin Kosek wrote: When a CIFS service exists and adtrust agents group does not have it as a member attribute (for whatever reason), re-running ipa-adtrust-install does not fix the inconsistency. Make the installer more robust by being able to fix the inconsistency.

Re: [Freeipa-devel] Password Vault Implementation

2014-08-01 Thread Endi Sukma Dewata
On 7/31/2014 5:34 PM, Simo Sorce wrote: I think you misunderstood what I was proposing. I was proposing the vault is the unit of encryption, as a single blob of data. But the vault would still contain multiple secrets, simply formatted into a json object. Something like: plaintext: {

Re: [Freeipa-devel] Password Vault Implementation

2014-08-01 Thread Simo Sorce
On Fri, 2014-08-01 at 10:28 -0500, Endi Sukma Dewata wrote: On 7/31/2014 5:34 PM, Simo Sorce wrote: I think you misunderstood what I was proposing. I was proposing the vault is the unit of encryption, as a single blob of data. But the vault would still contain multiple secrets, simply

Re: [Freeipa-devel] Password Vault Implementation

2014-08-01 Thread Endi Sukma Dewata
On 8/1/2014 12:21 PM, Simo Sorce wrote: OK, understood. This means in the service use case the service vault password will have to be provisioned to service instances using separate vaults that use asymmetric encryption key. This type of vaults will become a drop box and will not support escrow.

Re: [Freeipa-devel] Password Vault Implementation

2014-08-01 Thread Simo Sorce
On Fri, 2014-08-01 at 14:42 -0500, Endi Sukma Dewata wrote: On 8/1/2014 12:21 PM, Simo Sorce wrote: OK, understood. This means in the service use case the service vault password will have to be provisioned to service instances using separate vaults that use asymmetric encryption key. This

Re: [Freeipa-devel] Password Vault Implementation

2014-08-01 Thread Endi Sukma Dewata
On 8/1/2014 2:45 PM, Simo Sorce wrote: On Fri, 2014-08-01 at 14:42 -0500, Endi Sukma Dewata wrote: On 8/1/2014 12:21 PM, Simo Sorce wrote: OK, understood. This means in the service use case the service vault password will have to be provisioned to service instances using separate vaults that