On Fri, Sep 27, 2013 at 03:53:08PM +0300, Alexander Bokovoy wrote:
On Mon, 23 Sep 2013, Alexander Bokovoy wrote:
On Mon, 23 Sep 2013, Alexander Bokovoy wrote:
On Mon, 23 Sep 2013, Alexander Bokovoy wrote:
On Mon, 23 Sep 2013, Martin Kosek wrote:
However, we don't have trust type available so
:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 2 Oct 2013 11:44:32 +0200
Subject: [PATCH 1/2] ipa-kdb: add transit_realm member to trusted domains
To be able to handle requests for member domains in a trusted forest we
must know which forest the domain belongs to. Because we only share
On Wed, Oct 02, 2013 at 10:31:21PM +0200, Tomas Babej wrote:
On 10/01/2013 05:15 PM, Alexander Bokovoy wrote:
On Mon, 30 Sep 2013, Alexander Bokovoy wrote:
On Mon, 30 Sep 2013, Tomas Babej wrote:
On 09/28/2013 10:01 PM, Alexander Bokovoy wrote:
On Fri, 27 Sep 2013, Sumit Bose wrote:
On Fri
On Thu, Oct 03, 2013 at 12:01:35AM +0300, Alexander Bokovoy wrote:
On Wed, 02 Oct 2013, Tomas Babej wrote:
I'll send new patchset shortly.
New patchset is attached.
1. Added test update for ipalib/frontend.py changes
2. Used LDAPQuery as base for trustdomain_enable|disable commands as
On Thu, Oct 03, 2013 at 06:04:24PM +0200, Martin Kosek wrote:
On 10/03/2013 03:10 PM, Alexander Bokovoy wrote:
On Wed, 02 Oct 2013, Sumit Bose wrote:
Please note that I did not test with more than 1 subdomain, since I
do not have more ADs available.
I have done some testing as well
should fix it. I attached a patch for 3.0 as well because the
touched file was renamed.
bye,
Sumit
From 8bae65bc0afef181562b238d3a61d4d1dc7b3bde Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 7 Oct 2013 16:49:33 +0200
Subject: [PATCH] Use the right attribute
On Wed, Oct 16, 2013 at 06:31:32PM +0300, Alexander Bokovoy wrote:
Hi!
Attached is first update to AD trusts documentation for FreeIPA user
guide. I've fixed number of outdated statements and added some more
material.
More patches will follow to cover functionality up to FreeIPA 3.3.2.
: Sumit Bose sb...@redhat.com
Date: Tue, 29 Oct 2013 11:37:03 +0100
Subject: [PATCH 122/123] Remove AllowLMhash from the allowed IPA config
strings
Fixes https://fedorahosted.org/freeipa/ticket/3795
---
API.txt | 2 +-
install/ui/src/freeipa/serverconfig.js
/sssd/ticket/2030 .
bye,
Sumit
From 5686769945db285d06b9fec8deee1bc1bdf0cebc Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 29 Oct 2013 11:34:56 +0100
Subject: [PATCH] trust-add/del: send a signal to SSSD to reset timeouts
SSSD uses some timeouts when looking up new domains
On Thu, Nov 28, 2013 at 03:04:49PM +0200, Alexander Bokovoy wrote:
On Wed, 27 Nov 2013, Alexander Bokovoy wrote:
Hi!
Attached patch should solve an issue when fetching subdomains fails
shortly after trust has been established due to MS-PAC caching effects
on KDC. We have already made an
was not able to find good documentation on the specifics of those
packages. If you know some good docs please send me the link otherwise
we might what to ask MSFT for clarification.
bye,
Sumit
From 0b782064945352ad488e92b457bbfda2270ddf66 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
On Tue, Jan 14, 2014 at 04:03:06PM +0200, Alexander Bokovoy wrote:
On Tue, 14 Jan 2014, Martin Kosek wrote:
On 01/14/2014 01:27 PM, Alexander Bokovoy wrote:
On Tue, 14 Jan 2014, Martin Kosek wrote:
On 01/14/2014 01:02 PM, Alexander Bokovoy wrote:
Hi,
attached patch implements missing
On Wed, Jan 15, 2014 at 02:14:08PM +0200, Alexander Bokovoy wrote:
On Tue, 14 Jan 2014, Sumit Bose wrote:
On Tue, Jan 14, 2014 at 04:03:06PM +0200, Alexander Bokovoy wrote:
On Tue, 14 Jan 2014, Martin Kosek wrote:
On 01/14/2014 01:27 PM, Alexander Bokovoy wrote:
On Tue, 14 Jan 2014, Martin
On Wed, Jan 15, 2014 at 03:47:57PM +0200, Alexander Bokovoy wrote:
Hi!
This patch implements showing whether domains associated with the trust
enabled or disabled. One can enable/disable child domains through
trustdomain-enable/trustdomain-disable. Forest root domain will always
be enabled.
On Wed, Jan 15, 2014 at 07:24:00PM +0200, Alexander Bokovoy wrote:
On Wed, 15 Jan 2014, Alexander Bokovoy wrote:
Hi!
When looking into https://fedorahosted.org/freeipa/ticket/4113, I
decided to use output.standard_list_of_entries instead of a locally
defined list of entries. This solves the
On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
Hi,
when group contains external members, they are specified using SIDs. Use
trust-resolve command to convert them back on group-show.
On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:
On 01/17/2014 11:50 AM, Sumit Bose wrote:
On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
On Thu, 16 Jan 2014, Alexander Bokovoy wrote:
Hi,
when group contains external members, they are specified using
On Fri, Jan 17, 2014 at 01:02:18PM +0100, Petr Vobornik wrote:
On 17.1.2014 12:27, Sumit Bose wrote:
On Fri, Jan 17, 2014 at 12:09:03PM +0100, Martin Kosek wrote:
On 01/17/2014 11:50 AM, Sumit Bose wrote:
On Fri, Jan 17, 2014 at 11:49:18AM +0200, Alexander Bokovoy wrote:
On Thu, 16 Jan 2014
On Mon, Jan 20, 2014 at 05:18:30PM +0200, Alexander Bokovoy wrote:
On Mon, 20 Jan 2014, Martin Kosek wrote:
On 01/20/2014 03:49 PM, Alexander Bokovoy wrote:
Hi!
Make sure we delete child domains before removing the trust itself as
LDAP protocol does not allow removing non-leaf objects.
On Mon, Jan 20, 2014 at 04:49:21PM +0200, Alexander Bokovoy wrote:
Hi!
Make sure we delete child domains before removing the trust itself as
LDAP protocol does not allow removing non-leaf objects.
This has non-obvious effect -- old code did remove cross-realm
principals and then removed
On Tue, Jan 21, 2014 at 12:39:32PM +0200, Alexander Bokovoy wrote:
On Tue, 21 Jan 2014, Alexander Bokovoy wrote:
On Tue, 21 Jan 2014, Sumit Bose wrote:
On Mon, Jan 20, 2014 at 04:49:21PM +0200, Alexander Bokovoy wrote:
Hi!
Make sure we delete child domains before removing the trust itself
Hi,
here is another one for the CLDAP NetBIOS name issue.
bye,
Sumit
From 744507e74055ffd8bf40f6b7d67ff094f975903e Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 23 Jan 2014 12:36:38 +0100
Subject: [PATCH] CLDAP: generate NetBIOS name like ipa-adtrust-install does
Fixes
On Thu, Jan 23, 2014 at 03:07:05PM +0200, Alexander Bokovoy wrote:
On Thu, 23 Jan 2014, Sumit Bose wrote:
Hi,
here is another one for the CLDAP NetBIOS name issue.
ACK but could you please split the patch into two:
- adding make_netbios_name() and using it
- CMocka test
On Mon, Feb 10, 2014 at 03:55:56PM -0500, Dmitri Pal wrote:
Hi,
We have a ticket [1] about Samba FS documentation. Alexander added a
comment recently but I know Sumit is working on this effort now.
Should we pull ticket in and/or merge it with some other ticket wit have?
Since there are two
On Thu, Feb 20, 2014 at 01:14:50PM +0100, Martin Kosek wrote:
We had a discussion with other developers how better track who is reviewing
which patch. Recently, we introduced the Reviewed-By tag in a commit message,
but that is a post-review tag which is not useful for someone who wants to
On Fri, Feb 28, 2014 at 11:59:57AM +0100, Petr Spacek wrote:
On 28.2.2014 11:53, Sumit Bose wrote:
Hi,
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The reason was that starting
On Fri, Feb 28, 2014 at 01:14:58PM +0100, Petr Spacek wrote:
On 28.2.2014 12:10, Sumit Bose wrote:
On Fri, Feb 28, 2014 at 11:59:57AM +0100, Petr Spacek wrote:
On 28.2.2014 11:53, Sumit Bose wrote:
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed
On Tue, Mar 04, 2014 at 11:13:25AM +0200, Alexander Bokovoy wrote:
Attached patch should fix https://fedorahosted.org/freeipa/ticket/4207
where we didn't filter out users from disabled subdomains aggressively
enough.
The code that did not filter exists only in git, not in released
versions
On Thu, Mar 06, 2014 at 10:32:44AM +0200, Alexander Bokovoy wrote:
Hi!
Attached patch should fix the issue raised by Sumit when reviewing my
patch 0145.
Additionally, it fixes reverted condition check for case when we didn't
find client_princ in the database, preventing a memory leak.
On Tue, Mar 11, 2014 at 11:04:29PM +0200, Alexander Bokovoy wrote:
On Tue, 11 Mar 2014, Sumit Bose wrote:
On Tue, Mar 11, 2014 at 07:09:42PM +0200, Alexander Bokovoy wrote:
Hi,
Add idmap_cache calls to ipa-sam to prevent huge numbers of LDAP calls
to the
directory service for gid/uid-sid
1d53cd249b6e1d80770d135190ff9845dad10cf2 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 25 Mar 2014 11:29:58 +0100
Subject: [PATCH] extdom: do not return results from the wrong domain
Resolves: https://fedorahosted.org/freeipa/ticket/4264
---
.../ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
On Tue, Mar 11, 2014 at 03:39:57PM +0100, Petr Spacek wrote:
On 11.3.2014 15:32, Alexander Bokovoy wrote:
after discussing with Petr Spacek, following patch fixes ticket 4224.
Code seems okay but I didn't do functional test.
To just close this tread the changes form this patch are already
that needs to be taken care of in backup or
restore procedure.
= Test Plan =
Test scenarios that will be transformed to test cases for FreeIPA
Continuous Integration during implementation or review phase.
= RFE Author =
[[User:Sbose|Sumit Bose
On Wed, Apr 16, 2014 at 04:59:55PM +0300, Alexander Bokovoy wrote:
On Wed, 16 Apr 2014, Simo Sorce wrote:
On Wed, 2014-04-16 at 16:15 +0300, Alexander Bokovoy wrote:
On Wed, 16 Apr 2014, Simo Sorce wrote:
+'ipanttrusteddomainsid', 'ipanttrustforesttrustinfo',
+
On Wed, Apr 16, 2014 at 09:02:00PM -0400, Dmitri Pal wrote:
On 04/15/2014 05:13 AM, Sumit Bose wrote:
Hi,
I have started to write a design page for 'Migrating existing
environments to Trust'
http://www.freeipa.org/page/V3/Migrating_existing_environments_to_Trust
It shall cover https
On Thu, Apr 17, 2014 at 01:25:08PM +0300, Alexander Bokovoy wrote:
On Thu, 17 Apr 2014, Sumit Bose wrote:
On Wed, Apr 16, 2014 at 09:02:00PM -0400, Dmitri Pal wrote:
On 04/15/2014 05:13 AM, Sumit Bose wrote:
Hi,
#* Shall we allow different UIDs/GIDs in different views?
Yes.
I hope
On Thu, Apr 17, 2014 at 11:50:57AM -0400, Simo Sorce wrote:
On Thu, 2014-04-17 at 17:20 +0200, Sumit Bose wrote:
On Thu, Apr 17, 2014 at 01:25:08PM +0300, Alexander Bokovoy wrote:
On Thu, 17 Apr 2014, Sumit Bose wrote:
On Wed, Apr 16, 2014 at 09:02:00PM -0400, Dmitri Pal wrote:
On 04
On Fri, Apr 18, 2014 at 01:53:30AM -0400, Simo Sorce wrote:
On Thu, 2014-04-17 at 23:58 -0400, Dmitri Pal wrote:
yes, this can already be controlled by the idrange type. But you
have to
choose either algorithmic or manual mapping you cannot have both in
a
given domain. What you can
On Fri, Apr 18, 2014 at 06:52:30PM +0200, Sumit Bose wrote:
On Fri, Apr 18, 2014 at 01:53:30AM -0400, Simo Sorce wrote:
On Thu, 2014-04-17 at 23:58 -0400, Dmitri Pal wrote:
yes, this can already be controlled by the idrange type. But you
have to
choose either algorithmic or manual
On Fri, May 02, 2014 at 05:06:06PM -0400, Nathaniel McCallum wrote:
I need the DN of the user who is running the current command. This may
be defined as the user who is bound or will bind to execute the LDAP
commands I have prepared.
Does anyone know how to do this in the FreeIPA api?
I
On Tue, Apr 15, 2014 at 11:13:38AM +0200, Sumit Bose wrote:
Hi,
I have started to write a design page for 'Migrating existing
environments to Trust'
http://www.freeipa.org/page/V3/Migrating_existing_environments_to_Trust
It shall cover https://fedorahosted.org/freeipa/ticket/3318 and
https
are in the replicated LDAP tree and
should be backuped with the other data in the tree.
= Test Plan =
Test scenarios that will be transformed to test cases for FreeIPA
Continuous Integration during implementation or review phase.
= RFE Author =
[[User:Sbose|Sumit Bose
On Thu, May 29, 2014 at 01:31:04PM -0400, Simo Sorce wrote:
On Thu, 2014-05-29 at 18:50 +0200, Petr Spacek wrote:
On 29.5.2014 13:48, Sumit Bose wrote:
== slapi-nis plugin/compat tree ==
The compat tree offers a simplified LDAP tree with user and group data
for legacy clients. No data
On Mon, Jun 02, 2014 at 09:45:28AM +0200, Petr Spacek wrote:
On 30.5.2014 15:47, Sumit Bose wrote:
On Fri, May 30, 2014 at 09:13:18AM -0400, Dmitri Pal wrote:
On 05/30/2014 03:04 AM, Sumit Bose wrote:
On Thu, May 29, 2014 at 01:31:04PM -0400, Simo Sorce wrote:
On Thu, 2014-05-29 at 18:50
On Mon, Jun 02, 2014 at 10:22:48AM +0200, Petr Spacek wrote:
On 2.6.2014 10:11, Sumit Bose wrote:
On Mon, Jun 02, 2014 at 09:45:28AM +0200, Petr Spacek wrote:
On 30.5.2014 15:47, Sumit Bose wrote:
On Fri, May 30, 2014 at 09:13:18AM -0400, Dmitri Pal wrote:
On 05/30/2014 03:04 AM, Sumit Bose
type:OCT_STR
value:532d312d352d32312d313232333238393138382d333139383434303335332d30303231313033322d353030
$ echo
532d312d352d32312d313232333238393138382d333139383434303335332d30303231313033322d353030
| xxd -r -p
S-1-5-21-1223289188-3198440353-3300211032-500
= RFE Author =
[[User:Sbose|Sumit
On Thu, Jun 19, 2014 at 09:43:06AM +0200, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
Maybe we can get rid of
Hi,
I have updated
http://www.freeipa.org/page/V4/Migrating_existing_environments_to_Trust
with the comments from the latest round. The changes can be see at
http://www.freeipa.org/index.php?title=V4%2FMigrating_existing_environments_to_Trustdiff=8696oldid=8181
I think most aspects are clear now.
Hi,
it looks like the ipa-kdb unit test is broken. This patch tries to fix
it.
bye,
Sumit
From 5de7f5790d895251c7a22b6af804ac5c61c553c4 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 22 Jul 2014 17:17:45 +0200
Subject: [PATCH] ipa-kdb: fix unit tests
---
daemons/ipa-kdb
Hi,
there is another update for the user views design
http://www.freeipa.org/page/V4/Migrating_existing_environments_to_Trust
(diff can be found at
http://www.freeipa.org/index.php?title=V4%2FMigrating_existing_environments_to_Trustdiff=9641oldid=8696
)
The main change is that the view is not
On Thu, Aug 14, 2014 at 07:18:40PM +0200, thierry bordaz wrote:
Hello,
Following Petr remarks from the previous review, I modified the
original fix to move it only in '.update' files.
Thanks
thierry
From d45e78dfeb7761348c464b3bb3956656bb115ce0 Mon Sep 17 00:00:00 2001
On Thu, Aug 28, 2014 at 07:26:51PM +0200, thierry bordaz wrote:
On 08/28/2014 06:51 PM, Sumit Bose wrote:
On Thu, Aug 14, 2014 at 07:18:40PM +0200, thierry bordaz wrote:
Hello,
Following Petr remarks from the previous review, I modified the
original fix to move it only in '.update
On Thu, Aug 21, 2014 at 01:43:35PM +0300, Alexander Bokovoy wrote:
Hi!
Attached patchset improves trust operations:
1. Ensures we only allow establishing trust to forest root domain
2. Ensures that we select primary domain controllers
3. Ensures first create trust and later set it to
On Fri, Aug 29, 2014 at 12:35:05PM +0300, Alexander Bokovoy wrote:
On Fri, 29 Aug 2014, Sumit Bose wrote:
On Thu, Aug 21, 2014 at 01:43:35PM +0300, Alexander Bokovoy wrote:
Hi!
Attached patchset improves trust operations:
1. Ensures we only allow establishing trust to forest root domain
On Thu, Sep 11, 2014 at 05:23:34PM +0200, Ludwig Krispenz wrote:
On 09/11/2014 05:03 PM, Martin Kosek wrote:
Hello,
We have another important issue to resolve. Current FreeIPA 4.0.2 ACI
settings
cause older SSSD clients to fail as they get returned an LDAP deref call
results without
17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 23 Sep 2014 15:55:43 +0200
Subject: [PATCH] extdom: add support for new version
Currently the extdom plugin is basically used to translate SIDs of AD
users and groups to names and POSIX IDs.
With this patch a new version is added which
On Wed, Sep 24, 2014 at 03:23:54PM +0200, Jakub Hrozek wrote:
On Tue, Sep 23, 2014 at 05:11:01PM +0200, Sumit Bose wrote:
Hi,
this patch should fix https://fedorahosted.org/freeipa/ticket/4031 and
with the corresponding SSSD part it would be possible to get the full
list of group
On Thu, Sep 25, 2014 at 01:46:00PM +0200, Sumit Bose wrote:
On Wed, Sep 24, 2014 at 03:23:54PM +0200, Jakub Hrozek wrote:
On Tue, Sep 23, 2014 at 05:11:01PM +0200, Sumit Bose wrote:
Hi,
this patch should fix https://fedorahosted.org/freeipa/ticket/4031 and
with the corresponding
On Mon, Sep 29, 2014 at 06:15:21PM +0200, Sumit Bose wrote:
On Thu, Sep 25, 2014 at 01:46:00PM +0200, Sumit Bose wrote:
On Wed, Sep 24, 2014 at 03:23:54PM +0200, Jakub Hrozek wrote:
On Tue, Sep 23, 2014 at 05:11:01PM +0200, Sumit Bose wrote:
Hi,
this patch should fix https
Hi,
I have started a new section on the design page 'Migrating existing
environments to Trust' aka Views about how the data is stored in the
cache of SSSD at
http://www.freeipa.org/page/V4/Migrating_existing_environments_to_Trust#SSSD_Cache_layout
Comments and suggestions are welcome.
bye,
On Mon, Oct 13, 2014 at 01:24:10PM +0200, Martin Kosek wrote:
Hello all,
Last week me, Jakub and Stef discussed a design for a candidate for a
FreeIPAGnome keyring related thesis:
https://thesis-managementsystem.rhcloud.com/topic/show/219/gnome-keyring-storage-in-freeipa
Apparently,
.
The second patch just removes an obsolete dependency.
bye,
Sumit
From 928c04c35601b7bc1c57c1320e4a746abc35e947 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Fri, 10 Oct 2014 10:56:37 +0200
Subject: [PATCH 131/132] extdom: add support for sss_nss_getorigbyname()
---
.../ipa-extdom
On Sun, Oct 19, 2014 at 10:04:29PM +0200, Jakub Hrozek wrote:
On Fri, Oct 17, 2014 at 11:53:44AM +0200, Sumit Bose wrote:
Hi,
the first patch replaces sss_nss_getsidbyname() by
sss_nss_getorigbyname() for the new version of the extdom interface.
The new call returns more data about
On Mon, Jan 12, 2015 at 04:55:33PM +0200, Alexander Bokovoy wrote:
Hi,
Samba project renamed libpdb library we use in ipa-sam module to
libsamba-passdb due to naming clash with some other library popular in
academic circles (details are in
https://bugzilla.samba.org/show_bug.cgi?id=10355)
On Mon, Jan 19, 2015 at 10:25:34AM +0100, Martin Kosek wrote:
On 01/16/2015 06:25 PM, Simo Sorce wrote:
On Fri, 16 Jan 2015 17:44:12 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Fri, 16 Jan 2015, Simo Sorce wrote:
On Fri, 16 Jan 2015 10:37:36 +0200
Alexander Bokovoy
On Mon, Jan 26, 2015 at 10:44:09AM -0500, Simo Sorce wrote:
On Wed, 21 Jan 2015 12:03:48 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
Hi,
couple patches to fix Kerberos DAL driver in relation to trusts.
Patch 0174:
Allow using CA paths defined in krb5.conf on top of what we
On Wed, Dec 24, 2014 at 08:50:29AM +0530, Prashant Bapat wrote:
Hi,
What I'm trying to do is to modify the Range FreeIPA uses. I removed the
random Range Id created during install, added a new range that I wanted.
But problem is when I try to add a new user or a group now its still using
On Wed, Mar 18, 2015 at 11:25:14AM +0100, Jakub Hrozek wrote:
I could swear I sent the patch last time when I was reviewing Sumit's
patches but apparently not.
It's better to use %zu instead of %d for size_t formatting with recent
compilers.
From a088e8c8a9bd29b4c22f1579f2c3705652bf2730
On Fri, Mar 13, 2015 at 03:14:55PM +0100, Jakub Hrozek wrote:
On Fri, Mar 13, 2015 at 11:56:46AM +0100, Sumit Bose wrote:
On Wed, Mar 04, 2015 at 06:42:05PM +0100, Sumit Bose wrote:
Hi,
this is the first patch for https://fedorahosted.org/freeipa/ticket/4922
which converts
On Fri, Mar 13, 2015 at 03:17:10PM +0100, Jakub Hrozek wrote:
On Fri, Mar 13, 2015 at 11:55:09AM +0100, Sumit Bose wrote:
On Wed, Mar 04, 2015 at 06:35:22PM +0100, Sumit Bose wrote:
Hi,
this patch series improves error reporting of the extdom plugin
especially on the client side
On Wed, Mar 18, 2015 at 12:53:04PM +0100, Martin Kosek wrote:
On 03/18/2015 11:22 AM, Jakub Hrozek wrote:
On Wed, Mar 18, 2015 at 11:01:35AM +0100, Sumit Bose wrote:
On Fri, Mar 13, 2015 at 03:14:55PM +0100, Jakub Hrozek wrote:
On Fri, Mar 13, 2015 at 11:56:46AM +0100, Sumit Bose wrote
On Wed, Mar 18, 2015 at 01:36:44PM +0100, Martin Kosek wrote:
On 03/18/2015 01:32 PM, Sumit Bose wrote:
On Wed, Mar 18, 2015 at 12:53:04PM +0100, Martin Kosek wrote:
On 03/18/2015 11:22 AM, Jakub Hrozek wrote:
On Wed, Mar 18, 2015 at 11:01:35AM +0100, Sumit Bose wrote:
On Fri, Mar 13
On Tue, Mar 10, 2015 at 11:59:45AM +0100, Tomas Babej wrote:
On 03/05/2015 08:00 AM, Alexander Bokovoy wrote:
On Wed, 04 Mar 2015, Nathan Kinder wrote:
On 03/04/2015 10:34 PM, Alexander Bokovoy wrote:
On Wed, 04 Mar 2015, Sumit Bose wrote:
Hi,
while running 389ds with valgrind to see
On Wed, Mar 04, 2015 at 06:42:05PM +0100, Sumit Bose wrote:
Hi,
this is the first patch for https://fedorahosted.org/freeipa/ticket/4922
which converts the check-based tests of the extdom plugin to cmocka.
bye,
Sumit
Rebased version attached.
bye,
Sumit
From
On Wed, Mar 04, 2015 at 06:35:22PM +0100, Sumit Bose wrote:
Hi,
this patch series improves error reporting of the extdom plugin
especially on the client side. Currently there is only SSSD ticket
https://fedorahosted.org/sssd/ticket/2463 . Shall I create a
corresponding FreeIPA ticket
On Thu, Mar 26, 2015 at 07:40:16PM +0100, Lukas Slebodnik wrote:
On (18/03/15 12:33), Jakub Hrozek wrote:
On Wed, Mar 18, 2015 at 11:39:15AM +0100, Sumit Bose wrote:
On Wed, Mar 18, 2015 at 11:25:14AM +0100, Jakub Hrozek wrote:
I could swear I sent the patch last time when I was reviewing
0b4e302866f734b93176d9104bd78a2e55702c40 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 24 Feb 2015 15:29:00 +0100
Subject: [PATCH 134/136] Add configure check for cwrap libraries
Currently only nss-wrapper is checked, checks for other crwap libraries
can be added e.g
On Wed, Mar 04, 2015 at 04:17:55PM +0200, Alexander Bokovoy wrote:
On Mon, 02 Mar 2015, Sumit Bose wrote:
diff --git a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
index
Hi,
this is the first patch for https://fedorahosted.org/freeipa/ticket/4922
which converts the check-based tests of the extdom plugin to cmocka.
bye,
Sumit
From e11c525d27ab19abbb16e12195a2ea9eb6421c80 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 9 Feb 2015 18:12:01
Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 4 Mar 2015 13:39:04 +0100
Subject: [PATCH] extdom: return LDAP_NO_SUCH_OBJECT to the client
---
daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_extop.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git
Hi,
while running 389ds with valgrind to see if my other patches introduced
a memory leak I found an older one which is fixed by this patch.
bye,
Sumit
From bb02cdc135fecc1766b17edd61554dbde9bccd0b Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 4 Mar 2015 17:53:08 +0100
messages.
Suggestions for more messages are welcome.
bye,
Sumit
From 2e8e4abb7e79d44f0ce0560daeb7696d9641a684 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Mon, 2 Feb 2015 00:52:10 +0100
Subject: [PATCH 137/139] extdom: add err_msg member to request context
---
daemons/ipa-slapi
On Wed, Mar 04, 2015 at 06:14:53PM +0100, Sumit Bose wrote:
On Wed, Mar 04, 2015 at 04:17:55PM +0200, Alexander Bokovoy wrote:
On Mon, 02 Mar 2015, Sumit Bose wrote:
diff --git
a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
b/daemons/ipa-slapi-plugins/ipa-extdom-extop
On Thu, Mar 05, 2015 at 09:16:36AM +0100, Sumit Bose wrote:
On Wed, Mar 04, 2015 at 06:14:53PM +0100, Sumit Bose wrote:
On Wed, Mar 04, 2015 at 04:17:55PM +0200, Alexander Bokovoy wrote:
On Mon, 02 Mar 2015, Sumit Bose wrote:
diff --git
a/daemons/ipa-slapi-plugins/ipa-extdom-extop
On Wed, Feb 25, 2015 at 02:43:05PM +0100, Martin Kosek wrote:
On 02/24/2015 06:47 PM, Sumit Bose wrote:
Hi,
this patch changes a return code and should fix
https://fedorahosted.org/freeipa/ticket/4924 .
bye,
Sumit
I have a related question. Do I read the plugin right
Hi,
this patch changes a return code and should fix
https://fedorahosted.org/freeipa/ticket/4924 .
bye,
Sumit
From e4a6c8f3cd7975bbb276585ec1ac25a7551f46d0 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Tue, 24 Feb 2015 18:32:43 +0100
Subject: [PATCH] ipa-range-check: do
On Fri, May 29, 2015 at 10:38:41AM +0200, Martin Kosek wrote:
Hello all,
I would like to discuss the scope needed for ticket 4905 [1]. This is mostly
question for Sumit as he is working on the SSSD SC support. The main minimal
target is to allow SSSD get a ticket for a user once he
On Fri, May 29, 2015 at 12:10:24PM +0200, Martin Kosek wrote:
On 05/29/2015 11:26 AM, Sumit Bose wrote:
On Fri, May 29, 2015 at 10:38:41AM +0200, Martin Kosek wrote:
Hello all,
I would like to discuss the scope needed for ticket 4905 [1]. This is mostly
question for Sumit as he is working
On Fri, May 29, 2015 at 12:54:13PM +0200, Martin Kosek wrote:
On 05/29/2015 12:33 PM, Sumit Bose wrote:
On Fri, May 29, 2015 at 12:10:24PM +0200, Martin Kosek wrote:
On 05/29/2015 11:26 AM, Sumit Bose wrote:
On Fri, May 29, 2015 at 10:38:41AM +0200, Martin Kosek wrote:
Hello all,
I would
On Wed, May 27, 2015 at 06:12:50PM +0200, Martin Basti wrote:
On 27/05/15 15:53, Fraser Tweedale wrote:
This patch adds supports for multiple user / host certificates. No
schema change is needed ('usercertificate' attribute is already
multi-value). The revoke-previous-cert behaviour of
() in the 3rd patch. The last patch add unit tests for
those two calls as well.
bye,
Sumit
From ddd3ac0a38521ae9450f9dee46fbd8434ac85870 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Wed, 20 May 2015 18:31:19 +0200
Subject: [PATCH 145/148] ipa-kdb: convert test to cmocka
---
daemons/ipa
45af7302b80bff25892bb6629689dbf4dfa3b37d Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@ipa-devel.ipa.devel
Date: Fri, 16 Jan 2015 12:35:57 +0100
Subject: [PATCH] ipa-sam: use proper domain GUID
---
daemons/ipa-sam/ipa_sam.c | 28
1 file changed, 16 insertions(+), 12 deletions(-)
diff --git
Hi,
this tests should have gone together with
c1114ef82516002de08e004a930b5ba4a1791b25 but got lost somehow during the
bugzilla processing.
bye,
Sumit
From 724258fc3eff2872cf95a5401f25b8134233ee68 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 26 Feb 2015 14:08:06 +0100
On Tue, May 26, 2015 at 01:24:30PM +0200, Petr Vobornik wrote:
On 05/26/2015 01:21 PM, Sumit Bose wrote:
Hi,
this tests should have gone together with
c1114ef82516002de08e004a930b5ba4a1791b25 but got lost somehow during the
bugzilla processing.
bye,
Sumit
So it has been acked
On Wed, Jul 22, 2015 at 09:41:51AM -0400, Simo Sorce wrote:
- Original Message -
From: Sumit Bose sb...@redhat.com
To: freeipa-devel freeipa-devel@redhat.com
Sent: Tuesday, July 21, 2015 7:41:14 AM
Subject: [Freeipa-devel] [PATCH 149] IPA KDB: allow case in-sensitive realm
On Tue, Jul 28, 2015 at 02:26:34PM +0300, Alexander Bokovoy wrote:
On Tue, 28 Jul 2015, Simo Sorce wrote:
On Tue, 2015-07-28 at 12:15 +0200, Sumit Bose wrote:
On Wed, Jul 22, 2015 at 09:41:51AM -0400, Simo Sorce wrote:
- Original Message -
From: Sumit Bose sb...@redhat.com
From: Sumit Bose sb...@redhat.com
Date: Tue, 21 Jul 2015 12:12:56 +0200
Subject: [PATCH] IPA KDB: allow case in-sensitive realm in AS request
If the canonicalization flag is set the realm of the client principal in
an AS request (kinit) may only match case in-sensitive.
Resolves https
On Tue, Jul 21, 2015 at 01:41:14PM +0200, Sumit Bose wrote:
Hi,
this patch is my suggestion to solve
https://fedorahosted.org/freeipa/ticket/4844 .
The original issue in the ticket has two part. One is a loop in libkrb5
which is already fixed. The other is to handle canonicalization
On Thu, Oct 08, 2015 at 01:36:23PM +0300, Alexander Bokovoy wrote:
> On Mon, 05 Oct 2015, Sumit Bose wrote:
> >On Thu, Sep 03, 2015 at 06:22:05PM +0300, Alexander Bokovoy wrote:
> >>On Thu, 03 Sep 2015, Alexander Bokovoy wrote:
> >>>Hi,
> >>>
> >
On Tue, May 26, 2015 at 01:36:35PM +0200, Martin Kosek wrote:
On 05/26/2015 01:33 PM, Sumit Bose wrote:
Hi,
these patches add some unit tests and some additional improvements
related to the issues described in
https://bugzilla.redhat.com/show_bug.cgi?id=1222475 . The original issue
201 - 300 of 377 matches
Mail list logo
