Rob Crittenden wrote:
Pavel Zůna wrote:
Okey, I think my migration patches are ready for submission.
What's new?
- No more forced password change after migration, unless the password
doesn't meet IPA password policy. Expiration time sets correctly
(hooray!).
- Migration mode (adding entries
This adds an option to ipa-replica-manage, --force, that will let you
force the deletion of a replication agreement.
Before this both ends had to be up and running for this to work, so that
the agreement could be removed on both sides. But what if the remote has
already been destroyed, either
Make the IPA server host and its services "real" IPA entries
We use kadmin.local to bootstrap the creation of the kerberos principals
for the IPA server machine: host, HTTP and ldap. This works fine and has
the side-effect of protecting the services from modification by an admin
(which would l