[Freeipa-devel] [PATCH] Create pkiuser before calling pkicreate, pkicreate depends on the user existing

--- ipaserver/install/cainstance.py |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index a43809c..97ba833 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -445,9

[Freeipa-devel] [PATCH] 350 improvements to cert plugin

This makes the cert plugin use the built-in output functions and conform with output validation. It also normalizes an incoming PKCS#10 request to strip any data before or after the BEGIN/END blocks. And finally I added a get_subject() helper so we can include the subject when retrieving a

[Freeipa-devel] [PATCH] 352 fix ipa-rmkeytab

On F-12 I noticed that ipa-rmkeytab failed trying to remove entries. Turned out I needed to suspend looping when doing the removal. I think it was a fluke that this worked on F-11 with an older krb5-server. rob freeipa-352-rmkeytab.patch Description: application/mbox

[Freeipa-devel] [PATCH] 351 configurable certificate subjects

Let the user, upon installation, set the certificate subject base for the dogtag CA. Certificate requests will automatically be given this subject base, regardless of what is in the CSR. The selfsign plugin does not currently support this dynamic name re-assignment and will reject any

Re: [Freeipa-devel] [PATCH] Create pkiuser before calling pkicreate, pkicreate depends on the user existing

John Dennis wrote: --- ipaserver/install/cainstance.py |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index a43809c..97ba833 100644 --- a/ipaserver/install/cainstance.py +++

Re: [Freeipa-devel] [PATCHES] Use the dns plugin during installation

On Thu, 2009-12-03 at 17:25 +0100, Martin Nagy wrote: Hi, these three patches should make sure that we add dns records the right way. It will also serve for the ipa-dns-install command that's almost ready, patch will be coming soon. Thanks Martin I've rebased the paches and fixed some

Re: [Freeipa-devel] [PATCHES] Use the dns plugin during installation

On Thu, 2009-12-03 at 17:25 +0100, Martin Nagy wrote: Hi, these three patches should make sure that we add dns records the right way. It will also serve for the ipa-dns-install command that's almost ready, patch will be coming soon. Thanks Martin New patches, rebased + some minor issues

Re: [Freeipa-devel] [PATCHES] IPA to DS migration.

Pavel Zuna wrote: Ok, here's the latest version of IPA to DS migration suite. It includes the following: - A fix for a name collision in textui, Jason's big patch added a second method named print_entry. Nobody noticed there was one already. - Patch to the ipa-pwd-extop plugin to allow adding

[Freeipa-devel] [PATCH] 353 enable sssd and certmonger

Configure sssd and certmonger in ipa-client-install This does a number of things under the hood: - Use authconfig to enable sssd in nss and pam - Configure /etc/sssd/sssd.conf to use our IPA provider - Enable the certmonger process and request a server cert - join the IPA domain and retrieve a

Re: [Freeipa-devel] [PATCH] 352 fix ipa-rmkeytab

John Dennis wrote: On 01/20/2010 11:50 AM, Rob Crittenden wrote: On F-12 I noticed that ipa-rmkeytab failed trying to remove entries. Turned out I needed to suspend looping when doing the removal. I think it was a fluke that this worked on F-11 with an older krb5-server. ACK pushed to

[Freeipa-devel] [PATCHES] Add A and PTR records during ipa-replica-prepare

Hi, these patches will allow one to specify an ip address of the replica to ipa-replica-prepare. The dns records will then be added. This should make life better for QA :) Martin From 05c6e118b748839012a7e8bc0613367d8d27d7a8 Mon Sep 17 00:00:00 2001 From: Martin Nagy mn...@redhat.com Date: Mon,

[Freeipa-devel] [PATCH] Set BIND to use ldapi and use fake mname

Hi, some additional comments are in the patch. Martin From 003b8ee61673216243fe872297d069cb476e5600 Mon Sep 17 00:00:00 2001 From: Martin Nagy mn...@redhat.com Date: Wed, 25 Nov 2009 01:00:26 +0100 Subject: [PATCH] Set BIND to use ldapi and use fake mname The fake_mname for now doesn't exists

Re: [Freeipa-devel] [PATCH] 353 enable sssd and certmonger

On Wed, 2010-01-20 at 17:01 -0500, Rob Crittenden wrote: Configure sssd and certmonger in ipa-client-install This does a number of things under the hood: - Use authconfig to enable sssd in nss and pam - Configure /etc/sssd/sssd.conf to use our IPA provider - Enable the certmonger process

Re: [Freeipa-devel] [PATCH] 344 require fully-qualified hostname in ipa-join

On Fri, 2010-01-08 at 16:04 -0500, Rob Crittenden wrote: Require a fully-qualified hostname in ipa-join. The server side will enforce this as well but better to catch it early. rob ACK Martin ___ Freeipa-devel mailing list

Re: [Freeipa-devel] [PATCH] 351 configurable certificate subjects

John Dennis wrote: On 01/20/2010 11:31 AM, Rob Crittenden wrote: Let the user, upon installation, set the certificate subject base for the dogtag CA. Certificate requests will automatically be given this subject base, regardless of what is in the CSR. The selfsign plugin does not currently