Cross Reference: /sssd-io/src/providers/ipa/ipa

DP: Switch to new interface Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

History log of /sssd-io/src/providers/ipa/ipa_id.h
Revision	Date	Author	Comments Expand
f2e8a7c3230fac11175c0bd17c14c66a8e9b25ad	29-Jul-2016	Sumit Bose <sbose@redhat.com>	IPA: make ipa_resolve_user_list_{send\|recv} public and allow AD users Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_id.c ipa_id.h
3d29430867cf92b2d71afa95abb679711231117c	15-Jul-2016	Pavel Březina <pbrezina@redhat.com>	DP: rename be_acct_req to dp_id_data Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_id.h /sssd-io/src/providers/ad/ad_init.c /sssd-io/src/providers/ad/ad_pac.c /sssd-io/src/providers/ad/ad_pac.h /sssd-io/src/providers/data_provider/dp_custom_data.h /sssd-io/src/providers/data_provider/dp_target_id.c ipa_id.c ipa_id.h ipa_init.c ipa_s2n_exop.c ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c ipa_views.c /sssd-io/src/providers/ldap/ldap_common.h /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap_refresh.c /sssd-io/src/providers/proxy/proxy.h /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/tests/cmocka/test_ad_common.c
dea636af4d1902a081ee891f1b19ee2f8729d759	20-Jun-2016	Pavel Březina <pbrezina@redhat.com>	DP: Switch to new interface Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> /sssd-io/Makefile.am /sssd-io/src/providers/ad/ad_access.c /sssd-io/src/providers/ad/ad_access.h /sssd-io/src/providers/ad/ad_autofs.c /sssd-io/src/providers/ad/ad_common.h /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_id.h /sssd-io/src/providers/ad/ad_init.c /sssd-io/src/providers/ad/ad_subdomains.c /sssd-io/src/providers/ad/ad_subdomains.h /sssd-io/src/providers/ad/ad_sudo.c /sssd-io/src/providers/backend.h /sssd-io/src/providers/data_provider/dp_custom_data.h /sssd-io/src/providers/data_provider/dp_iface.c /sssd-io/src/providers/data_provider/dp_iface.h /sssd-io/src/providers/data_provider/dp_target_auth.c /sssd-io/src/providers/data_provider/dp_target_autofs.c /sssd-io/src/providers/data_provider/dp_target_hostid.c /sssd-io/src/providers/data_provider/dp_target_id.c /sssd-io/src/providers/data_provider/dp_target_subdomains.c /sssd-io/src/providers/data_provider/dp_target_sudo.c /sssd-io/src/providers/data_provider_be.c /sssd-io/src/providers/data_provider_req.c /sssd-io/src/providers/data_provider_req.h ipa_access.c ipa_access.h ipa_auth.c ipa_auth.h ipa_autofs.c ipa_common.h ipa_hbac_common.c ipa_hostid.c ipa_hostid.h ipa_id.c ipa_id.h ipa_init.c ipa_selinux.c ipa_selinux.h ipa_subdomains.c ipa_subdomains.h ipa_subdomains_ext_groups.c ipa_subdomains_id.c ipa_subdomains_server.c ipa_sudo.c /sssd-io/src/providers/krb5/krb5_auth.c /sssd-io/src/providers/krb5/krb5_auth.h /sssd-io/src/providers/krb5/krb5_common.h /sssd-io/src/providers/krb5/krb5_init.c /sssd-io/src/providers/ldap/ldap_access.c /sssd-io/src/providers/ldap/ldap_auth.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/ldap_common.h /sssd-io/src/providers/ldap/ldap_id.c /sssd-io/src/providers/ldap/ldap_init.c /sssd-io/src/providers/ldap/sdap_access.h /sssd-io/src/providers/ldap/sdap_autofs.c /sssd-io/src/providers/ldap/sdap_autofs.h /sssd-io/src/providers/ldap/sdap_idmap.c /sssd-io/src/providers/ldap/sdap_online_check.c /sssd-io/src/providers/ldap/sdap_sudo.c /sssd-io/src/providers/ldap/sdap_sudo.h /sssd-io/src/providers/proxy/proxy.h /sssd-io/src/providers/proxy/proxy_auth.c /sssd-io/src/providers/proxy/proxy_client.c /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/simple/simple_access.c /sssd-io/src/providers/simple/simple_access_check.c /sssd-io/src/responder/autofs/autofssrv_dp.c /sssd-io/src/responder/common/responder_dp.c /sssd-io/src/responder/ssh/sshsrv_dp.c /sssd-io/src/responder/sudo/sudosrv_dp.c /sssd-io/src/tests/cmocka/test_nested_groups.c /sssd-io/src/tests/simple_access-tests.c
c371993cce13edb9185a5f0db76fbee03f0edc04	13-Apr-2016	Sumit Bose <sbose@redhat.com>	IPA: resolve PAC for trusted users on IPA clients Reviewed-by: Pavel Březina <pbrezina@redhat.com> ipa_id.h ipa_s2n_exop.c ipa_subdomains_id.c
42bd89dbe77846b6ee60365bba50da521745bca1	23-Sep-2015	Jakub Hrozek <jhrozek@redhat.com>	IPA: Retry fetching keytab if IPA user lookup fails Required for: https://fedorahosted.org/sssd/ticket/2639 Instead of calling ipa_get_ad_acct_send directly, call a new request ipa_srv_ad_acct_send. The new request wraps ipa_get_ad_acct_send and either tries to request a new keytab every time the lookup fails but the domain is online. be_mark_dom_offline() is called when the retry fails with the new code. The retry tries to re-setup the trusted domain. With two-way setups, the request is a no-op. With one-way trust setups, the request re-fetches new keytab unconditionally. Reviewed-by: Sumit Bose <sbose@redhat.com> ipa_id.h ipa_subdomains_id.c
145578006684481434ced78461ab8d1c3570f478	05-May-2015	Sumit Bose <sbose@redhat.com>	IPA: enhance ipa_initgr_get_overrides_send() This patch makes ipa_initgr_get_overrides_send() public and add support to search overrides by UUID or by SID. Related to https://fedorahosted.org/sssd/ticket/2633 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> /sssd-io/src/db/sysdb_views.c ipa_id.c ipa_id.h
d32b165fad7b89462f49c82349e1df5a2343afa2	13-Jan-2015	Sumit Bose <sbose@redhat.com>	IPA: add get_be_acct_req_for_user_name() Related to https://fedorahosted.org/sssd/ticket/2481 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_id.h ipa_views.c
f1436acde39da5f1400a51153cf7fd370682a4c8	20-Nov-2014	Sumit Bose <sbose@redhat.com>	IPA: make get_object_from_cache() public Related to https://fedorahosted.org/sssd/ticket/2481 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_id.h ipa_subdomains_id.c
1c82a31a254c2fca6dfa3e3b52986b75221d8742	20-Nov-2014	Sumit Bose <sbose@redhat.com>	ipa: add get_be_acct_req_for_uuid() This new call creates the needs data for a lookup by UUID which is needed when trying to find the original object for an IPA override object. Related to https://fedorahosted.org/sssd/ticket/2481 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> ipa_id.h ipa_views.c
8eb981dd8bc85aee7a913c6f0096ad47f3382339	20-Nov-2014	Sumit Bose <sbose@redhat.com>	ipa: add split_ipa_anchor() This call extracts the domain and the UUID part from an IPA override anchor. Related to https://fedorahosted.org/sssd/ticket/2481 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> /sssd-io/Makefile.am ipa_id.h ipa_utils.c /sssd-io/src/tests/cmocka/test_sysdb_views.c
ed4a9bd4d0f7fb359bed66a8d63a92e7be633aae	16-Oct-2014	Sumit Bose <sbose@redhat.com>	views: search overrides for user and group requests If the name or the POSIX ID of a user or a group is overridden the search request for those objects have to check the overide objects first before looking up the original objects. This patch adds a new request for the IPA sub-domain users which checks the overrides first if - SSSD is running in ipa-server-mode and a name or a POSIX ID is searched, since we do not override the SIDs we can skip the search in the override tree here - if the responder indicates it has not found the corresponding object in the cache and the input might be an override name or ID and not the original one of an object. If an override object was found the SID is extracted from the anchor attribute and the original object is search by its SID. If no override object was found the original object is search with the original input and finally it is checked if an override object exits for the found object. Relates to https://fedorahosted.org/sssd/ticket/2375 Reviewed-by: Pavel Březina <pbrezina@redhat.com> /sssd-io/src/providers/data_provider.h ipa_id.c ipa_id.h ipa_s2n_exop.c ipa_subdomains_id.c ipa_views.c
0f3df54840ec9a050cc0b1b68269c3f28c859e64	16-Oct-2014	Sumit Bose <sbose@redhat.com>	views: add ipa_get_ad_override_send() Related to https://fedorahosted.org/sssd/ticket/2375 Reviewed-by: Pavel Březina <pbrezina@redhat.com> /sssd-io/Makefile.am ipa_id.h ipa_views.c
08ab0d4ede41a1749e0bc26f78a37a4d10c20db8	16-Oct-2014	Sumit Bose <sbose@redhat.com>	IPA: add view support and get view name Related to https://fedorahosted.org/sssd/ticket/2375 Reviewed-by: Pavel Březina <pbrezina@redhat.com> /sssd-io/src/config/SSSDConfig/__init__.py.in /sssd-io/src/config/etc/sssd.api.d/sssd-ipa.conf /sssd-io/src/db/sysdb.h /sssd-io/src/man/sssd-ipa.5.xml ipa_common.c ipa_common.h ipa_id.h ipa_init.c ipa_opts.h ipa_subdomains.c
00c283ca719717ed483958571982d0e9ff95c4b1	16-Oct-2014	Sumit Bose <sbose@redhat.com>	IPA: make IPA ID context available to extdom client code Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> ipa_id.c ipa_id.h ipa_s2n_exop.c ipa_subdomains_id.c
3d28e0e560b787b5c57ed7327d184310342a7e38	28-Jun-2013	Jakub Hrozek <jhrozek@redhat.com>	IPA: Look up AD users directly if IPA server mode is on https://fedorahosted.org/sssd/ticket/1962 If the ipa_server_mode is selected IPA subdomain user and group lookups are not done with the help of the extdom plugin but directly against AD using the AD ID code. /sssd-io/src/providers/ad/ad_id.c /sssd-io/src/providers/ad/ad_id.h ipa_common.h ipa_id.c ipa_id.h ipa_subdomains_id.c
2962b3d1e072ff2ebbe343095812dad697d6bf1d	02-May-2013	Sumit Bose <sbose@redhat.com>	Use struct to hold different types of request parameters Currently the POSIX ID or the user name are passed in different parameters to some calls. The method will get cumbersome and error-prone if new parameters like, e.g. the SID, are added. This patch adds a union to hold the different kind of parameters. ipa_id.h ipa_s2n_exop.c ipa_subdomains.h ipa_subdomains_id.c
44c379a27a2d8de0ad933ebb2558b5e82b05fd56	02-May-2013	Sumit Bose <sbose@redhat.com>	Remove unused attribute list ipa_id.h ipa_s2n_exop.c ipa_subdomains_id.c
791abc91fd8b2a7f73511ab8051df1065f9f54b2	04-Dec-2012	Simo Sorce <simo@redhat.com>	Fix ipa_subdomain_id names and tevent_req style ipa_id.c ipa_id.h ipa_subdomains_id.c
881c4ba834b23ae651ac01db667801f314eb0a5d	24-Apr-2012	Jan Zeleny <jzeleny@redhat.com>	Add ID operations in subdomains /sssd-io/Makefile.am ipa_id.c ipa_id.h ipa_subdomains_id.c
36a12aea020a935ffa40505fa02860c3d921ad0c	24-Apr-2012	Sumit Bose <sbose@redhat.com>	Add s2n extended operation /sssd-io/Makefile.am ipa_id.h ipa_s2n_exop.c
bd92e8ee315d4da9350b9ef0358c88a7b54aeebe	04-Feb-2012	Stephen Gallagher <sgallagh@redhat.com>	NSS: Add individual timeouts for entry types https://fedorahosted.org/sssd/ticket/1016 /sssd-io/src/confdb/confdb.c /sssd-io/src/confdb/confdb.h /sssd-io/src/config/SSSDConfig.py /sssd-io/src/config/SSSDConfigTest.py /sssd-io/src/config/etc/sssd.api.conf /sssd-io/src/man/sssd.conf.5.xml ipa_common.c ipa_common.h ipa_id.c ipa_id.h ipa_netgroups.c /sssd-io/src/providers/ldap/ldap_common.c /sssd-io/src/providers/ldap/sdap.h /sssd-io/src/providers/ldap/sdap_async_groups.c /sssd-io/src/providers/ldap/sdap_async_netgroups.c /sssd-io/src/providers/ldap/sdap_async_services.c /sssd-io/src/providers/ldap/sdap_async_users.c /sssd-io/src/providers/proxy/proxy.h /sssd-io/src/providers/proxy/proxy_id.c /sssd-io/src/providers/proxy/proxy_init.c /sssd-io/src/providers/proxy/proxy_netgroup.c /sssd-io/src/providers/proxy/proxy_services.c /sssd-io/src/responder/nss/nsssrv_netgroup.c
8edf0e447266d68f10264eb3f3ea514cd1687041	19-Dec-2011	Jakub Hrozek <jhrozek@redhat.com>	Pass sdap_id_ctx to online check from IPA provider ipa_id.c ipa_id.h ipa_init.c /sssd-io/src/providers/ldap/ldap_common.h /sssd-io/src/providers/ldap/ldap_id.c
8b1f2574ce7a964965a18ab047ab09c4694380c4	23-Nov-2011	Jan Zeleny <jzeleny@redhat.com>	Added IPA account info handler Currently it is only handling netgroups by itself, other requests are forwarded to LDAP provider. /sssd-io/Makefile.am ipa_id.c ipa_id.h ipa_init.c