On Tue, 2010-01-05 at 14:10 +0100, Pavel Zuna wrote:
> The backend.Connectible base class was designed, so that only one instance of
> each subclass is used at a time. Connectible generates a Connection object
> for
> each thread and stores it in thread-local storage (context). Subclasses
> acc
Require a fully-qualified hostname in ipa-join. The server side will
enforce this as well but better to catch it early.
rob
freeipa-344-join.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redha
Allow the priority to be updated and fix the description of priority
ordering. Lower wins, not higher.
I also had to add the option to not normalize to a few more functions in
ldap2. I have to craft a very specifically-formatted DN for it to be
understood by the krb5 server.
rob
freeipa-34
On Fri, 2009-12-18 at 11:05 -0500, Rob Crittenden wrote:
> Use the caIPAserviceCert profile for issuing service certs.
>
> This profile enables subject validation and ensures that the subject
> that the CA issues is uniform. The client can only request a specific
> CN, the rest of the subject is
Rob Crittenden wrote:
> tatiana philippova wrote:
>> also noticed next in
>> /var/log/dirsrv/slapd-INTERNAL-BULLETIN-NET/errors :
>> [08/Jan/2010:10:02:38 +1300] ipa_pwd_extop - krb5_c_string_to_key
>> failed [Bad encryption type]
>> [08/Jan/2010:10:02:38 +1300] ipa_pwd_extop - key encryption/enco
Pavel Zuna wrote:
Alright, here's my first shot at the Kerberos Ticket Policy management
plugin.
It is also a "new type" of plugin. What I mean by that is that it takes
an optional primary key (username) as its first argument. If used,
policy for a specific user is being managed. If not, the
tatiana philippova wrote:
Hi Rob,
many thanks for reply, here is information requested
On Fri, Jan 8, 2010 at 4:10 AM, Rob Crittenden wrote:
tatiana philippova wrote:
Hi , I have an issue with freeipa v 1.9.0.pre1 on Fedora12 (virtual)
..actually - not just one issue, a couple of them.
freei