https://fedorahosted.org/freeipa/ticket/1804
--
Jan Cholasta
>From b85259f0e2850226fcb4ca7cc113c2ddaf224bec Mon Sep 17 00:00:00 2001
From: Jan Cholasta
Date: Mon, 19 Sep 2011 11:41:31 +0200
Subject: [PATCH] Fix client install on IPv6 machines.
ticket 1804
---
ipa-client/ipa-install/ipa-client-
On 09/16/2011 10:25 AM, Alexander Bokovoy wrote:
> On Fri, 16 Sep 2011, JR Aquino wrote:
>> On Sep 16, 2011, at 4:41 AM, "Alexander Bokovoy" wrote:
>>> Can't we have a shortcut that allows to specify only name of the
>>> managed entry and we will expand it to full DN? Current approach is
>>> way
Jan Cholasta wrote:
On 16.9.2011 21:16, Rob Crittenden wrote:
Prompt for the current password when changing your own password using
ipa passwd.
I had to jump through several hoops with this:
- Added a new sortorder option so the Current password is prompted first
IMO something like "before='
Changing passwords would not properly set expiration date with the new
ipa-kdb code.
Patches fixes this.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From 35d94f9f9f354b8c47f4ba48c0a8b37e72b58a81 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Sat, 17 Sep 2011 15:08:06 -0400
Subject: [PATCH]
Hi,
while testing the creation of trust objects I found a typo in the ACI
allowing to read the NT hash and realized that an ACI was missing to
allow the samba user to add and modify the trust objects. The attached
patch should fix it.
bye,
Sumit
From 6f5adfcd4e4f176230abd48bd8aa8847a2add20a Mon S
Hi,
this patch updates the samba LDAP schema to the latest version
available. I think the next change to this file will be removing it
because Simo is working on new objectclasses for IPA which will replace
the ones from the samba schema. But for the time being the samba's IPA
passdb backend expec
On Mon, 2011-09-19 at 11:52 +0200, Jan Cholasta wrote:
> https://fedorahosted.org/freeipa/ticket/1804
>
ACK. Works fine. Now I was able to enroll client to host in an IPv6-only
environment.
Pushed to master, ipa-2-1.
Martin
___
Freeipa-devel mailing
On Sep 19, 2011, at 6:37 AM, Simo Sorce wrote:
> Changing passwords would not properly set expiration date with the new
> ipa-kdb code.
>
> Patches fixes this.
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
> <0001-ipa-kdb-Properly-set-password-expiration-time.patch>__
On Mon, 2011-09-19 at 16:16 +, JR Aquino wrote:
> On Sep 19, 2011, at 6:37 AM, Simo Sorce wrote:
>
> > Changing passwords would not properly set expiration date with the new
> > ipa-kdb code.
> >
> > Patches fixes this.
> >
> > Simo.
> >
> > --
> > Simo Sorce * Red Hat, Inc * New York
> >
Attached find a patch for new attributes and objectclasses for the IPA
v3 goal of configuring trust relationships between freeipa and windows
domains.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From 4e1f05a524a1a73dacbd85f996a8c666cf5897e1 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Thu
Fix get_url_list() so that the configured master server is there
just once. This fix lets /usr/bin/ipa try connecting to all IPA
masters just once and not print confusing server list with
dupled master.
https://fedorahosted.org/freeipa/ticket/1817
>From 0f388aedb7679f8c81e9a8592627936180e4108a Mo
According to the SELinux devs the return value from restorecon does not
necessarily reflect success/failure and recommended ignoring it. This
does that.
rob
>From e37d5a13b7972c1fa8fb08cfd5a46d70f009a420 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Mon, 19 Sep 2011 16:31:57 -0400
Subjec
httplib makes a copy of the nss file descriptor but doesn't close it
when the response code != 200 so we need to close it ourselves.
rob
>From 20cc6f5bbb77e6f905cb4607e8d95f092e886d81 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Mon, 19 Sep 2011 17:26:36 -0400
Subject: [PATCH] Shut down
Today I found another regression in the kpasswd password change path.
I filed ticket #1820
Legacy password hashes were not generated due to an issue with the list
of attributes being searched in ipadb_get_principal(), objectclass was
missing.
This patch fixes it.
Simo.
--
Simo Sorce * Red Hat
On Mon, 19 Sep 2011, Rob Crittenden wrote:
> According to the SELinux devs the return value from restorecon does
> not necessarily reflect success/failure and recommended ignoring it.
> This does that.
ACK. I was about to submit similar but stuck with systemd port and
forgot it. :)
--
/ Alexande
The IPA.association_adder_dialog has been modified to use an exclusion
list to hide entries that are already enrolled.
The IPA.adder_dialog has been modified to store the columns directly
in the available & selected tables.
Ticket #1797
--
Endi S. Dewata
From f8339f3fb32840fc6f2aa5b4b98f587cabd
We're having significant reproducible problems with rhel 5.7 + FreeIPA master...
I'm not sure if it is localized to us or even which side is responsible for the
error...
Has anyone had success with rhel 5.7's repo included FreeIPA client joining a
fedora based FreeIPA server?
We are essentially
On 19.9.2011 23:32, Rob Crittenden wrote:
httplib makes a copy of the nss file descriptor but doesn't close it
when the response code != 200 so we need to close it ourselves.
rob
Can we be sure that httplib's behavior is consistent and won't change? I
would rather try to close the fd without
On Tue, 2011-09-20 at 01:04 +0300, Alexander Bokovoy wrote:
> On Mon, 19 Sep 2011, Rob Crittenden wrote:
> > According to the SELinux devs the return value from restorecon does
> > not necessarily reflect success/failure and recommended ignoring it.
> > This does that.
> ACK. I was about to submit
19 matches
Mail list logo