On 03/21/2013 05:39 PM, Petr Viktorin wrote:
[...]
another thing: When drafting the feature page, I realized the
--{http,dirsrv}_pin options are unfortunate. Giving the passwords in command
line options is unsafe.
I'd like to replace them with --{http,dirsrv}-pin-file, with prompting if
On 1.3.2013 16:15, Petr Spacek wrote:
On 1.3.2013 15:39, Simo Sorce wrote:
On Fri, 2013-03-01 at 15:29 +0100, Petr Spacek wrote:
Hello list,
we would like to share some news about DNS update mechanism:
- It is possible to allow particular principal to update all records in a
zone.
- It is
Hello,
Remove orphaned function declaration from ldap_helper.h.
--
Petr^2 Spacek
From 9129f3963c8a7d603c02c5a8ea1ce3f08182541f Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Fri, 22 Mar 2013 13:04:29 +0100
Subject: [PATCH] Remove orphaned function declaration from
The design page for CA-less installation with user-provided SSL certs is
available at http://freeipa.org/page/V3/CA-less_install. I've also
copied it to this mail.
Does it answer all your questions?
--
PetrĀ³
__NOTOC__
= Overview =
IPA will support installing without an embedded Certificate
On Fri, 2013-03-22 at 10:04 +0100, Petr Spacek wrote:
News from ISC: Evan Hunt replied that ISC can include our patches with
this
functionality.
I created ticket covering this task:
https://fedorahosted.org/bind-dyndb-ldap/ticket/112
Excellent!
Thanks a lot.
Simo.
--
Simo Sorce *
On 03/22/2013 08:10 AM, Petr Viktorin wrote:
The design page for CA-less installation with user-provided SSL certs
is available at http://freeipa.org/page/V3/CA-less_install. I've also
copied it to this mail.
Does it answer all your questions?
Petr,
It answers a lot of questions.
However
Dmitri Pal wrote:
On 03/22/2013 08:10 AM, Petr Viktorin wrote:
The design page for CA-less installation with user-provided SSL certs
is available at http://freeipa.org/page/V3/CA-less_install. I've also
copied it to this mail.
Does it answer all your questions?
Petr,
It answers a lot of
On 03/22/2013 01:32 PM, Dmitri Pal wrote:
On 03/22/2013 08:10 AM, Petr Viktorin wrote:
The design page for CA-less installation with user-provided SSL certs
is available at http://freeipa.org/page/V3/CA-less_install. I've also
copied it to this mail.
Does it answer all your questions?
Petr,
On 03/21/2013 04:56 PM, Petr Vobornik wrote:
This patch is a fix for upcoming ipa-3-1 minor release.
Loading of extension.js was removed with introduction of AMD modules. This
patch returns the feature to avoid regressions.
In 3.2 it will be handled differently (multiple plugins).
ACK,
On 02/08/2013 02:27 PM, Petr Vobornik wrote:
Checkbox for NONE option was added.
https://fedorahosted.org/freeipa/ticket/3404
Patches for master and 3.1 branch attached.
I pushed this version to ipa-3-1 branch only as a hotfix for upcoming 3.1
release so that users can set NONE option
Hello,
Fix crash caused by 'zonesub' match-type in update ACL.
Next patchset will improve overall error handling in ACL processing.
--
Petr^2 Spacek
From 5f8481da390298a2bc8616abae3b8aca3d432bfe Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Fri, 22 Mar 2013 13:54:39
On 03/13/2013 04:50 PM, Martin Kosek wrote:
On 03/12/2013 03:38 PM, Petr Spacek wrote:
On 12.3.2013 10:40, Martin Kosek wrote:
On 03/11/2013 04:58 PM, Petr Spacek wrote:
Hello list!
My first patch for FreeIPA is attached :-)
I managed to add new 389 DS plugin to build system, but the LDAP
On 22.3.2013 14:26, Petr Spacek wrote:
Hello,
Fix crash caused by 'zonesub' match-type in update ACL.
Next patchset will improve overall error handling in ACL processing.
I forgot to check return value from dns_name_copy(). Fixed patch is attached.
--
Petr^2 Spacek
From
On 03/21/2013 06:10 PM, Petr Vobornik wrote:
On 03/21/2013 05:10 PM, Martin Kosek wrote:
On 03/16/2013 03:32 AM, Endi Sukma Dewata wrote:
On 3/12/2013 11:28 AM, Petr Vobornik wrote:
Here's a patch for filtering groups by type.
Design page:
On 03/21/2013 03:01 PM, Martin Kosek wrote:
Recent LDAP refactoring replaced entry_attrs regular dict with
normalized keys (i.e. lowercase) with LDAPEntry instance which keys
may not be normalized. This broke CND command output when
--structured and --all options were used.
Force lowercase
On 03/22/2013 03:03 PM, Tomas Babej wrote:
On 03/21/2013 01:58 PM, Ana Krivokapic wrote:
Hello,
Unattended ipa-adtrust-install used to fail if --netbios option was not
provided. This patches fixes this, so that instead of failing the
default NETBIOS name is used.
Hi,
this patch enables SASL mapping fallback in IPA DS instance, see
https://fedorahosted.org/freeipa/ticket/3330. Automated replication
recovery and external user mapping is not part of the patch.
In order to test this, you need 389-ds-base 1.3.1 packages with patches
from
On 03/22/2013 03:04 PM, Petr Viktorin wrote:
On 03/21/2013 03:01 PM, Martin Kosek wrote:
Recent LDAP refactoring replaced entry_attrs regular dict with
normalized keys (i.e. lowercase) with LDAPEntry instance which keys
may not be normalized. This broke CND command output when
--structured
On 03/13/2013 03:05 PM, Tomas Babej wrote:
Hi,
The following is mentioned in the server log now:
- existence of host entry (if it already does exist)
- missing krbprincipalname and its new value (if there was no
principal name set)
https://fedorahosted.org/freeipa/ticket/3481
Tomas
On 03/22/2013 04:51 PM, Petr Viktorin wrote:
On 03/13/2013 03:05 PM, Tomas Babej wrote:
Hi,
The following is mentioned in the server log now:
- existence of host entry (if it already does exist)
- missing krbprincipalname and its new value (if there was no
principal name set)
On 03/22/2013 04:51 PM, Petr Viktorin wrote:
On 03/13/2013 03:05 PM, Tomas Babej wrote:
Hi,
The following is mentioned in the server log now:
- existence of host entry (if it already does exist)
- missing krbprincipalname and its new value (if there was no
principal name set)
On 03/18/2013 02:49 PM, Tomas Babej wrote:
On 03/18/2013 02:46 PM, Tomas Babej wrote:
Hi,
A new option --force-join has been added to ipa-client-install.
It forces the host enrollment even if the host entry exists.
Old certificate is revoked, new certificate and ssh key pair
generated. See the
On 03/22/2013 05:10 PM, Tomas Babej wrote:
On 03/22/2013 04:51 PM, Petr Viktorin wrote:
On 03/13/2013 03:05 PM, Tomas Babej wrote:
Hi,
The following is mentioned in the server log now:
- existence of host entry (if it already does exist)
- missing krbprincipalname and its new value (if
Petr Viktorin wrote:
On 03/18/2013 02:49 PM, Tomas Babej wrote:
On 03/18/2013 02:46 PM, Tomas Babej wrote:
Hi,
A new option --force-join has been added to ipa-client-install.
It forces the host enrollment even if the host entry exists.
Old certificate is revoked, new certificate and ssh key
On Fri 22 Mar 2013 05:54:12 PM CET, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/18/2013 02:49 PM, Tomas Babej wrote:
On 03/18/2013 02:46 PM, Tomas Babej wrote:
Hi,
A new option --force-join has been added to ipa-client-install.
It forces the host enrollment even if the host entry
25 matches
Mail list logo