Re: [Freeipa-devel] [PATCH] 0052..0054 Configure lightweight CA key replication

On 9.6.2016 08:31, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 07:49:51AM +0200, Jan Cholasta wrote: On 9.6.2016 06:07, Fraser Tweedale wrote: Updated patches 0053-6 and 0054-6 attached. Comments inline. Thanks, Fraser On Wed, Jun 08, 2016 at 10:31:07AM +0200, Jan Cholasta wrote: Patch 0

Re: [Freeipa-devel] [PATCH] 0055 Authorise CA Agent to manage lightweight CAs

On 21.4.2016 07:19, Fraser Tweedale wrote: The attached patch is part of lightweight CA support. It just adds some ACL rules to Dogtag database, and does not depend the version of Dogtag (so it's ok to merge immediately, when ACKed). ACK. Pushed to master: 903a90fb4e7dc7eaddc1cc4f11083dad5c16

Re: [Freeipa-devel] [PATCH] 0056 Add custodia store for lightweight CA key replication

On 5.5.2016 09:05, Fraser Tweedale wrote: G'day team, This patch implements a new Custodia store type to be used for LWCA keys. Simo gave a preliminary review a couple weeks ago (I was holding off because required Dogtag bits were not yet merged... they are now, so here's the patch ^_^) ACK.

Re: [Freeipa-devel] [WIP] Thin client

On 9.6.2016 08:14, David Kupka wrote: On 08/06/16 14:44, Jan Cholasta wrote: On 8.6.2016 14:40, Martin Babinsky wrote: On 06/08/2016 02:11 PM, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub:

Re: [Freeipa-devel] [PATCH] man: Decribe ipa-client-install workaround for broken D-Bus enviroment.

On 06/09/2016 07:00 AM, David Kupka wrote: On 02/03/16 11:18, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5694 Sending updated version crafted with Flo's help, thanks. ACK. Thanks for your patience explaining the details, Flo. -- Manage your subscription for the Freeipa-d

Re: [Freeipa-devel] [PATCH] 0059..0064 Lightweight sub-CAs

On 9.6.2016 08:44, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 01:21:29AM +1000, Fraser Tweedale wrote: On Wed, Jun 08, 2016 at 01:00:36PM +0200, Jan Cholasta wrote: On 8.6.2016 05:15, Fraser Tweedale wrote: On Tue, Jun 07, 2016 at 03:42:22PM +1000, Fraser Tweedale wrote: On Wed, Jun 01, 2

Re: [Freeipa-devel] [PATCH] 0039-40: DNS Location: WebUI

On 06/08/2016 04:40 PM, Petr Vobornik wrote: On 06/07/2016 10:07 AM, Pavel Vomacka wrote: On 06/06/2016 07:51 PM, Martin Basti wrote: On 05.06.2016 18:34, Pavel Vomacka wrote: Hello, please review attached patches which add WebUI part of DNS Locations feature. -- Pavel^3 Vomacka NACK

Re: [Freeipa-devel] [PATCH] 0039-40: DNS Location: WebUI

On 06/09/2016 10:15 AM, Pavel Vomacka wrote: On 06/08/2016 04:40 PM, Petr Vobornik wrote: On 06/07/2016 10:07 AM, Pavel Vomacka wrote: On 06/06/2016 07:51 PM, Martin Basti wrote: On 05.06.2016 18:34, Pavel Vomacka wrote: Hello, please review attached patches which add WebUI part of DN

Re: [Freeipa-devel] [PATCH] 0042: Fix bad searching of reverse DNS zone

On 06/08/2016 06:36 PM, Petr Vobornik wrote: On 06/07/2016 10:30 AM, Pavel Vomacka wrote: On 06/07/2016 09:08 AM, Petr Spacek wrote: Hi, the commit message does not say what was wrong and why and what works now. Please improve the commit message before pushing this. Commit message improved

Re: [Freeipa-devel] [PATCH] 0059..0064 Lightweight sub-CAs

On Thu, Jun 09, 2016 at 10:12:40AM +0200, Jan Cholasta wrote: > On 9.6.2016 08:44, Fraser Tweedale wrote: > > On Thu, Jun 09, 2016 at 01:21:29AM +1000, Fraser Tweedale wrote: > > > On Wed, Jun 08, 2016 at 01:00:36PM +0200, Jan Cholasta wrote: > > > > On 8.6.2016 05:15, Fraser Tweedale wrote: > > >

Re: [Freeipa-devel] [PATCH] 0006 add context to exception on LdapEntry decode error

On 06/08/2016 01:14 PM, Stanislav Laznicka wrote: On 06/08/2016 01:13 PM, Stanislav Laznicka wrote: On 06/07/2016 05:11 PM, Florence Blanc-Renaud wrote: On 06/07/2016 04:08 PM, Stanislav Laznicka wrote: On 06/06/2016 02:47 PM, Florence Blanc-Renaud wrote: Hi, please find attached the pat

[Freeipa-devel] [PATCH][WIP] DNS Location: generator for location records

Hello, here is WIP version of generator for IPA DNS records and locations, that is responsible for creating and updating all IPA records for all masters. Please note that this is not finished yet and some methods may not work. Patch attached From 9de5de867a029a02a690718b3fe272702471ca0c Mon

Re: [Freeipa-devel] [PATCH 0492] Translations: update ipa-4-3 translations

On 07.06.2016 12:51, Martin Babinsky wrote: On 06/01/2016 05:10 PM, Martin Basti wrote: Patch attached. ACK Pushed to ipa-4-3: 22fcf65cd1b674b21496b677818a8c75adcd70a6 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Con

Re: [Freeipa-devel] [PATCH] 0059..0064 Lightweight sub-CAs

On 9.6.2016 11:10, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 10:12:40AM +0200, Jan Cholasta wrote: On 9.6.2016 08:44, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 01:21:29AM +1000, Fraser Tweedale wrote: On Wed, Jun 08, 2016 at 01:00:36PM +0200, Jan Cholasta wrote: On 8.6.2016 05:15, F

Re: [Freeipa-devel] [PATCH 0041] Increase nsslapd-db-locks

On 06/07/2016 08:56 AM, thierry bordaz wrote: On 06/06/2016 07:23 PM, Martin Basti wrote: On 03.06.2016 13:38, Stanislav Laznicka wrote: Hello, The attached patch implements solution to https://fedorahosted.org/freeipa/ticket/5914. The patch is rather hacky as nsslapd-db-locks requires

Re: [Freeipa-devel] [PATCHES 0146-0152] Server Roles v2

On 06/07/2016 07:01 PM, Pavel Vomacka wrote: On 06/07/2016 12:07 PM, Martin Babinsky wrote: On 06/03/2016 05:25 PM, Martin Babinsky wrote: I am sending rebased patches implementing http://www.freeipa.org/page/V4/Server_Roles I hope the patches work since I have had a lot of fun rebasing them

Re: [Freeipa-devel] [PATCH] man: Decribe ipa-client-install workaround for broken D-Bus enviroment.

On 09.06.2016 10:03, Florence Blanc-Renaud wrote: On 06/09/2016 07:00 AM, David Kupka wrote: On 02/03/16 11:18, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5694 Sending updated version crafted with Flo's help, thanks. ACK. Thanks for your patience explaining the details,

[Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa From 5f59311092d7f2205287d8c2945325d1017c866a Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Thu, 9 Jun 2016 13:13:24 +0200 Subject: [PATCH] host/service-show/find shouldn't fail on invalid

[Freeipa-devel] [PATCH] 0208-0209 webUI changes for external trust and UPN suffixes

Hi, webUI changes to support external trust and showing UPN suffixes are attached. UPN Suffixes defined on AD side and fetched with 'ipa trust-fetch-domains'. They cannot be disabled individually as they come from AD side and are forest-wide, so we only show them, not allowing to modify anything

Re: [Freeipa-devel] [PATCH] 0208-0209 webUI changes for external trust and UPN suffixes

On Thu, Jun 09, 2016 at 02:30:52PM +0300, Alexander Bokovoy wrote: > Hi, > > webUI changes to support external trust and showing UPN suffixes are > attached. > > UPN Suffixes defined on AD side and fetched with 'ipa trust-fetch-domains'. > They cannot be disabled individually as they come from AD

Re: [Freeipa-devel] [PATCH] 0039-40: DNS Location: WebUI

On 06/09/2016 10:44 AM, Pavel Vomacka wrote: On 06/09/2016 10:15 AM, Pavel Vomacka wrote: On 06/08/2016 04:40 PM, Petr Vobornik wrote: On 06/07/2016 10:07 AM, Pavel Vomacka wrote: On 06/06/2016 07:51 PM, Martin Basti wrote: On 05.06.2016 18:34, Pavel Vomacka wrote: Hello, please r

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: > Hi, > > this patch allows the extom plugin to lookup users by certificate which > is needed in the case where a IPA client wants to lookup an AD user who > has the certificate stored in AD. To make this work the related patches > I just

Re: [Freeipa-devel] [PATCH] 0041: webui: add create/retrieve keytab tables for hosts

On 06/08/2016 03:32 PM, Pavel Vomacka wrote: > > > On 06/08/2016 02:20 PM, Petr Vobornik wrote: >> On 06/06/2016 04:17 PM, Pavel Vomacka wrote: >>> Hello, >>> >>> please review attached patch. >>> >>> Ticket: https://fedorahosted.org/freeipa/ticket/5931 >>> >> Also tables for host groups are need

Re: [Freeipa-devel] [PATCH] 0042: Fix bad searching of reverse DNS zone

On 06/08/2016 06:36 PM, Petr Vobornik wrote: > On 06/07/2016 10:30 AM, Pavel Vomacka wrote: >> >> >> On 06/07/2016 09:08 AM, Petr Spacek wrote: >>> Hi, >>> >>> the commit message does not say what was wrong and why and what works >>> now. >>> Please improve the commit message before pushing this. >

Re: [Freeipa-devel] [PATCH] 0041: webui: add create/retrieve keytab tables for hosts

On 06/09/2016 02:03 PM, Petr Vobornik wrote: On 06/08/2016 03:32 PM, Pavel Vomacka wrote: On 06/08/2016 02:20 PM, Petr Vobornik wrote: On 06/06/2016 04:17 PM, Pavel Vomacka wrote: Hello, please review attached patch. Ticket: https://fedorahosted.org/freeipa/ticket/5931 Also tables for h

Re: [Freeipa-devel] [PATCH] 0208-0209 webUI changes for external trust and UPN suffixes

On Thu, 09 Jun 2016, Sumit Bose wrote: On Thu, Jun 09, 2016 at 02:30:52PM +0300, Alexander Bokovoy wrote: Hi, webUI changes to support external trust and showing UPN suffixes are attached. UPN Suffixes defined on AD side and fetched with 'ipa trust-fetch-domains'. They cannot be disabled indiv

Re: [Freeipa-devel] [PATCH] 0039-40: DNS Location: WebUI

On 06/09/2016 02:00 PM, Pavel Vomacka wrote: > >> >> > And another revision. > ACK pushed to master: * 5a8ad3e9828c67e8ff9cc9dfc05458003f19c985 Add adapter attribute for choosing record * 5f48df48d4af740ba09197d0f07415e8e76e608e DNS Locations: WebUI part -- Petr Vobornik -- Manage your subs

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On Thu, 09 Jun 2016, Jakub Hrozek wrote: On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: Hi, this patch allows the extom plugin to lookup users by certificate which is needed in the case where a IPA client wants to lookup an AD user who has the certificate stored in AD. To make this

Re: [Freeipa-devel] [PATCH] 0059..0064 Lightweight sub-CAs

On 06/09/2016 08:44 AM, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 01:21:29AM +1000, Fraser Tweedale wrote: On Wed, Jun 08, 2016 at 01:00:36PM +0200, Jan Cholasta wrote: On 8.6.2016 05:15, Fraser Tweedale wrote: On Tue, Jun 07, 2016 at 03:42:22PM +1000, Fraser Tweedale wrote: On Wed, Jun

[Freeipa-devel] [PATCH 0500] regression: function resolve_rrsets: RRSet object is not hashable

This regression was introduce by https://fedorahosted.org/freeipa/ticket/5710 thus this should go to 4.3.2 as well Patch attached. From b47bd75ae4126a15a569fc45d2b3a2947ac25fa8 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Thu, 9 Jun 2016 14:09:45 +0200 Subject: [PATCH] Fix resolve_rrset

Re: [Freeipa-devel] [PATCH] 0041: webui: add create/retrieve keytab tables for hosts

On 06/09/2016 02:18 PM, Pavel Vomacka wrote: > > > On 06/09/2016 02:03 PM, Petr Vobornik wrote: >> On 06/08/2016 03:32 PM, Pavel Vomacka wrote: >>> >>> On 06/08/2016 02:20 PM, Petr Vobornik wrote: On 06/06/2016 04:17 PM, Pavel Vomacka wrote: > Hello, > > please review attached pa

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On 09.06.2016 14:22, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Jakub Hrozek wrote: On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: Hi, this patch allows the extom plugin to lookup users by certificate which is needed in the case where a IPA client wants to lookup an AD user w

Re: [Freeipa-devel] [PATCH] 0006 add context to exception on LdapEntry decode error

On 06/09/2016 11:58 AM, Florence Blanc-Renaud wrote: On 06/08/2016 01:14 PM, Stanislav Laznicka wrote: On 06/08/2016 01:13 PM, Stanislav Laznicka wrote: On 06/07/2016 05:11 PM, Florence Blanc-Renaud wrote: On 06/07/2016 04:08 PM, Stanislav Laznicka wrote: On 06/06/2016 02:47 PM, Florence B

Re: [Freeipa-devel] [PATCH] 0006 add context to exception on LdapEntry decode error

On 09.06.2016 14:31, Stanislav Laznicka wrote: On 06/09/2016 11:58 AM, Florence Blanc-Renaud wrote: On 06/08/2016 01:14 PM, Stanislav Laznicka wrote: On 06/08/2016 01:13 PM, Stanislav Laznicka wrote: On 06/07/2016 05:11 PM, Florence Blanc-Renaud wrote: On 06/07/2016 04:08 PM, Stanislav L

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On (09/06/16 14:29), Martin Basti wrote: >On 09.06.2016 14:22, Alexander Bokovoy wrote: >> On Thu, 09 Jun 2016, Jakub Hrozek wrote: >> > On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: >> > > Hi, >> > > >> > > this patch allows the extom plugin to lookup users by certificate which >> >

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On 09.06.2016 14:38, Lukas Slebodnik wrote: On (09/06/16 14:29), Martin Basti wrote: On 09.06.2016 14:22, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Jakub Hrozek wrote: On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: Hi, this patch allows the extom plugin to lookup users by

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On 09.06.2016 14:42, Martin Basti wrote: On 09.06.2016 14:38, Lukas Slebodnik wrote: On (09/06/16 14:29), Martin Basti wrote: On 09.06.2016 14:22, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Jakub Hrozek wrote: On Fri, May 20, 2016 at 09:23:46PM +0200, Sumit Bose wrote: Hi, this patch

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

Stanislav Laznicka wrote: Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa Just wondering out loud but should usercertificate be excluded from the output if it is unparsable? Is there any value in showing that a bogus value is in there? rob

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa Just wondering out loud but should usercertificate be excluded from the output if it is unparsable? Is there any value in s

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On 09.06.2016 15:02, Stanislav Laznicka wrote: On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa Just wondering out loud but should usercertificate be excluded from the o

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On 09.06.2016 15:03, Martin Basti wrote: On 09.06.2016 15:02, Stanislav Laznicka wrote: On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa Just wondering out loud but sh

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

Stanislav Laznicka wrote: On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the attached patch of https://fedorahosted.org/freeipa/ticket/5797. Standa Just wondering out loud but should usercertificate be excluded from the output if it is unparsabl

Re: [Freeipa-devel] [PATCH 0500] regression: function resolve_rrsets: RRSet object is not hashable

On 9.6.2016 14:25, Martin Basti wrote: > This regression was introduce by https://fedorahosted.org/freeipa/ticket/5710 > thus this should go to 4.3.2 as well > > > Patch attached. > ACK -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/ma

Re: [Freeipa-devel] [PATCH 0500] regression: function resolve_rrsets: RRSet object is not hashable

On 09.06.2016 15:40, Petr Spacek wrote: On 9.6.2016 14:25, Martin Basti wrote: This regression was introduce by https://fedorahosted.org/freeipa/ticket/5710 thus this should go to 4.3.2 as well Patch attached. ACK This was actually reproducible only with python3 (because some incompatibi

Re: [Freeipa-devel] [PATCHES 0146-0152] Server Roles v2

On 06/09/2016 01:02 PM, Martin Babinsky wrote: > On 06/07/2016 07:01 PM, Pavel Vomacka wrote: >> >> >> On 06/07/2016 12:07 PM, Martin Babinsky wrote: >>> On 06/03/2016 05:25 PM, Martin Babinsky wrote: I am sending rebased patches implementing http://www.freeipa.org/page/V4/Server_Roles >>

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On Thu, Jun 09, 2016 at 03:07:34PM +0200, Martin Basti wrote: > > > On 09.06.2016 15:03, Martin Basti wrote: > > > > > > On 09.06.2016 15:02, Stanislav Laznicka wrote: > > > On 06/09/2016 02:51 PM, Rob Crittenden wrote: > > > > Stanislav Laznicka wrote: > > > > > Hello, > > > > > > > > > > Ple

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 03:07:34PM +0200, Martin Basti wrote: On 09.06.2016 15:03, Martin Basti wrote: On 09.06.2016 15:02, Stanislav Laznicka wrote: On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the attached patch of ht

Re: [Freeipa-devel] [PATCH 0103-4] installer: Fix single command replica install with --setup-dns

On 06/09/2016 08:16 AM, David Kupka wrote: Should go into master, ipa-4-3 and ipa-4-2. https://fedorahosted.org/freeipa/ticket/5945 Works for me, ACK -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Cont

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On 09.06.2016 16:04, Fraser Tweedale wrote: On Thu, Jun 09, 2016 at 03:07:34PM +0200, Martin Basti wrote: On 09.06.2016 15:03, Martin Basti wrote: On 09.06.2016 15:02, Stanislav Laznicka wrote: On 06/09/2016 02:51 PM, Rob Crittenden wrote: Stanislav Laznicka wrote: Hello, Please see the

Re: [Freeipa-devel] [PATCH] 0059..0064 Lightweight sub-CAs

On Thu, Jun 09, 2016 at 12:36:35PM +0200, Jan Cholasta wrote: > On 9.6.2016 11:10, Fraser Tweedale wrote: > > On Thu, Jun 09, 2016 at 10:12:40AM +0200, Jan Cholasta wrote: > > > On 9.6.2016 08:44, Fraser Tweedale wrote: > > > > On Thu, Jun 09, 2016 at 01:21:29AM +1000, Fraser Tweedale wrote: > > >

[Freeipa-devel] [Testplan Review] Certs in ID overrides

Hi guys, Here is the first somewhat skeletal and pretty short version of the testplan. Could you please review it anyone? http://www.freeipa.org/page/V4/Certs_in_ID_overrides/Test_Plan -- Oleg Fayans Quality Engineer FreeIPA team RedHat. -- Manage your subscription for the Freeipa-devel mailin

Re: [Freeipa-devel] [Testplan Review] Certs in ID overrides

On Thu, Jun 09, 2016 at 04:48:57PM +0200, Oleg Fayans wrote: > Hi guys, > > Here is the first somewhat skeletal and pretty short version of the > testplan. Could you please review it anyone? > > http://www.freeipa.org/page/V4/Certs_in_ID_overrides/Test_Plan Hi Oleg, 'Make sure the id view is ap

Re: [Freeipa-devel] [PATCHES 0146-0152] Server Roles v2

On 06/09/2016 03:54 PM, Petr Vobornik wrote: On 06/09/2016 01:02 PM, Martin Babinsky wrote: On 06/07/2016 07:01 PM, Pavel Vomacka wrote: On 06/07/2016 12:07 PM, Martin Babinsky wrote: On 06/03/2016 05:25 PM, Martin Babinsky wrote: I am sending rebased patches implementing http://www.freeipa

[Freeipa-devel] [PATCH] pylint fixes

Hello, I've received a bunch of pylint fixes produced by upstream contributor who is not subscribed to the list so I'm resending them here. All credit goes to Bárta Jan <55042ba...@sstebrno.eu>. Flo, if you have time for it I think that it could be a good exercise which will lead you to various

Re: [Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid

On Thu, Jun 09, 2016 at 10:32:14AM -0400, Rob Crittenden wrote: > Fraser Tweedale wrote: > > On Thu, Jun 09, 2016 at 03:07:34PM +0200, Martin Basti wrote: > > > > > > > > > On 09.06.2016 15:03, Martin Basti wrote: > > > > > > > > > > > > On 09.06.2016 15:02, Stanislav Laznicka wrote: > > > > >

Re: [Freeipa-devel] [PATCH] 0036-38 webui: Server roles

On 06/08/2016 04:09 PM, Petr Vobornik wrote: On 06/05/2016 07:22 PM, Pavel Vomacka wrote: On 06/03/2016 03:10 PM, Petr Vobornik wrote: On 06/02/2016 01:40 PM, Pavel Vomacka wrote: Hello, please review my patches which add webui for server roles. Did not test yet. I'm waiting for rebase o

Re: [Freeipa-devel] [PATCH] 0204 adtrust: support GSSAPI authentication to LDAP as Active Directory user

On 06/06/2016 12:38 PM, Alexander Bokovoy wrote: Hi, In case an ID override was created for an Active Directory user in the default trust view, allow mapping the incoming GSSAPI authenticated connection to the ID override for this user. This allows to self-manage ID override parameters from the

Re: [Freeipa-devel] [PATCH] 0203 adtrust: remove ipanttrustpartner parameter

On 06/06/2016 01:37 PM, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Jan Cholasta wrote: On 6.6.2016 13:22, Martin Basti wrote: On 06.06.2016 13:14, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Martin Basti wrote: On 06.06.2016 12:36, Alexander Bokovoy wrote: Hi, MS-ADTS spec requires

Re: [Freeipa-devel] [PATCH] 0201 Add support for an external trust to Active Directory domain

On 06/07/2016 10:25 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Alexander Bokovoy wrote: > del attrs['ipanttrusttype'] > +if attributes: > +del attrs['ipanttrustattributes'] > """ Updated patch is attached. Another update, forgot one spa

Re: [Freeipa-devel] [PATCH] 0202 support UPNs for trusted domain users

On 06/07/2016 07:35 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/07/2016 06:38 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/06/2016 12:34 PM, Alexander Bokovoy wrote: Hi, Add support for additional user name principal suffix

Re: [Freeipa-devel] [PATCH] 0202 support UPNs for trusted domain users

On Thu, 09 Jun 2016, Martin Babinsky wrote: On 06/07/2016 07:35 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/07/2016 06:38 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/06/2016 12:34 PM, Alexander Bokovoy wrote: Hi, Add supp

Re: [Freeipa-devel] [PATCH] 0202 support UPNs for trusted domain users

On 06/09/2016 06:46 PM, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Martin Babinsky wrote: On 06/07/2016 07:35 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/07/2016 06:38 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/06/2016

Re: [Freeipa-devel] [PATCH] 0202 support UPNs for trusted domain users

On Thu, 09 Jun 2016, Martin Babinsky wrote: On 06/09/2016 06:46 PM, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Martin Babinsky wrote: On 06/07/2016 07:35 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Martin Babinsky wrote: On 06/07/2016 06:38 PM, Alexander Bokovoy wrote: On Tue, 07 Ju

[Freeipa-devel] [PATCH 0153-0158] move ipa-replica-manage del functionality into server-del

These patches expand `server_del` to a full fledged IPA master killer in domain level 1. Due to 'server uninstallation removed master from topology' use case, the individual steps are not in the same order as in the original code to facilitate self-removal from topology without introducing an

[Freeipa-devel] [PATCH 0501] Revert: switch /usr/bin/ipa to python3

Py3 support was enabled prematurely, attached patches removes python3 from /usr/bin/ipa Notes: * ipa 4.3.x won't have enabled py3 * master (ipa 4.4+) will have disabled py3 temporarily From c6bdd4bf73332438bb429c32dac9598ce465f11d Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Thu, 9 Jun

Re: [Freeipa-devel] [PATCH] 0156 extdom: add certificate request

On 09.06.2016 14:45, Martin Basti wrote: On 09.06.2016 14:42, Martin Basti wrote: On 09.06.2016 14:38, Lukas Slebodnik wrote: On (09/06/16 14:29), Martin Basti wrote: On 09.06.2016 14:22, Alexander Bokovoy wrote: On Thu, 09 Jun 2016, Jakub Hrozek wrote: On Fri, May 20, 2016 at 09:23:46

Re: [Freeipa-devel] [PATCH] 0201 Add support for an external trust to Active Directory domain

On 09.06.2016 18:03, Martin Babinsky wrote: On 06/07/2016 10:25 PM, Alexander Bokovoy wrote: On Tue, 07 Jun 2016, Alexander Bokovoy wrote: > del attrs['ipanttrusttype'] > +if attributes: > +del attrs['ipanttrustattributes'] > """ Updated pat

Re: [Freeipa-devel] [PATCH] 0203 adtrust: remove ipanttrustpartner parameter

On 09.06.2016 17:56, Martin Babinsky wrote: On 06/06/2016 01:37 PM, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Jan Cholasta wrote: On 6.6.2016 13:22, Martin Basti wrote: On 06.06.2016 13:14, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Martin Basti wrote: On 06.06.2016 12:36, Alexa

Re: [Freeipa-devel] [PATCH] 0204 adtrust: support GSSAPI authentication to LDAP as Active Directory user

On 09.06.2016 17:49, Martin Babinsky wrote: On 06/06/2016 12:38 PM, Alexander Bokovoy wrote: Hi, In case an ID override was created for an Active Directory user in the default trust view, allow mapping the incoming GSSAPI authenticated connection to the ID override for this user. This allows

Re: [Freeipa-devel] [PATCH] 0203 adtrust: remove ipanttrustpartner parameter

On Thu, 09 Jun 2016, Martin Basti wrote: On 09.06.2016 17:56, Martin Babinsky wrote: On 06/06/2016 01:37 PM, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Jan Cholasta wrote: On 6.6.2016 13:22, Martin Basti wrote: On 06.06.2016 13:14, Alexander Bokovoy wrote: On Mon, 06 Jun 2016, Martin

Re: [Freeipa-devel] [PATCH] 0204 adtrust: support GSSAPI authentication to LDAP as Active Directory user

On Thu, 09 Jun 2016, Martin Basti wrote: On 09.06.2016 17:49, Martin Babinsky wrote: On 06/06/2016 12:38 PM, Alexander Bokovoy wrote: Hi, In case an ID override was created for an Active Directory user in the default trust view, allow mapping the incoming GSSAPI authenticated connection to t

Re: [Freeipa-devel] [PATCH 0501] Revert: switch /usr/bin/ipa to python3

On 9.6.2016 20:57, Martin Basti wrote: Py3 support was enabled prematurely, attached patches removes python3 from /usr/bin/ipa Notes: * ipa 4.3.x won't have enabled py3 * master (ipa 4.4+) will have disabled py3 temporarily NACK. you reverted this bit wrong: -%if 0%{?with_python3} -Require