Simo Sorce wrote:
I guess so.
Ok, removed the duplicate krbMKey and pushed to master
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On Tue, 30 Nov 2010 10:28:41 -0500
Rob Crittenden wrote:
> Simo Sorce wrote:
> > On Wed, 17 Nov 2010 15:07:03 -0500
> > Rob Crittenden wrote:
> >
> >> +aci: (targetattr != "userPassword || krbPrincipalKey ||
> >> sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
> >> krbPrincip
Simo Sorce wrote:
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden wrote:
+aci: (targetattr != "userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey ||
krbTicketPolicyReference ||
Simo Sorce wrote:
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden wrote:
+aci: (targetattr != "userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey ||
krbTicketPolicyReference ||
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden wrote:
> +aci: (targetattr != "userPassword || krbPrincipalKey ||
> sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey ||
> krbPrincipalName || krbCanonicalName || krbUPEnabled || krbMKey ||
> krbTicketPolicyReference || krbPrincipal
Simo Sorce wrote:
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden wrote:
aci: (targetattr != "userPassword || krbPrincipalKey ||
sambaLMPassword || sambaNTPassword || passwordHistory ||
krbMKey")(version 3.0; acl "Enable Anonymous access"; allow (read,
search, compare) userdn = "ldap:///an
On Wed, 17 Nov 2010 15:07:03 -0500
Rob Crittenden wrote:
> aci: (targetattr != "userPassword || krbPrincipalKey ||
> sambaLMPassword || sambaNTPassword || passwordHistory ||
> krbMKey")(version 3.0; acl "Enable Anonymous access"; allow (read,
> search, compare) userdn = "ldap:///anyone";;) -aci:
Rob Crittenden wrote:
Jakub Hrozek wrote:
On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote:
The list of attributes that a host bound as itself could write was
overly broad.
A host can now only update its description, information about itself
such as OS release, etc, its certifica
Jakub Hrozek wrote:
On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote:
The list of attributes that a host bound as itself could write was
overly broad.
A host can now only update its description, information about itself
such as OS release, etc, its certificate, password and keytab
On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote:
> The list of attributes that a host bound as itself could write was
> overly broad.
>
> A host can now only update its description, information about itself
> such as OS release, etc, its certificate, password and keytab.
>
> https:
The list of attributes that a host bound as itself could write was
overly broad.
A host can now only update its description, information about itself
such as OS release, etc, its certificate, password and keytab.
https://fedorahosted.org/freeipa/ticket/416
rob
>From 9bb5fbc682bf290b81e5b86efcaf
11 matches
Mail list logo