- kdb: PAC generator: do not fail if canonical principal is missing
Resolves: RHEL-23630
- ipa-kdb: Fix memory leak during PAC verification
Resolves: RHEL-22644
- Fix session cookie access
Resolves: RHEL-23622
- Do not ignore staged users in sidgen plugin\
Resovlves: RHEL-23626
- ipa-kdb: Disable Bronze-Bit check if PAC not available
Resolves: RHEL-22313
- krb5kdc: Fix start when pkinit and otp auth type are enabled
Resolves: RHEL-4874
- hbactest was not collecting or returning messages
Resolves: RHEL-12780
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- Improve server affinity for CA-less deployments
Resolves: RHEL-22283
- host: update system: Manage Host Keytab permission
Resolves: RHEL-22286
- adtrustinstance: make sure NetBIOS name defaults are set properly
Resolves: RHEL-21938
- ipatests: Fix healthcheck report when nsslapd accesslog logbuffering is set to off
Resolves: RHEL-19672
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- ipa-kdb: fix error handling of is_master_host()
Resolves: RHBZ#2214638
- ipatests: enable firewall rule for http service on acme client
Resolves: RHBZ#2230256
- User plugin: improve error related to non existing idp
Resolves: RHBZ#2224572
- Prevent admin user from being deleted
Resolves: RHBZ#1821181
- Fix memory leak in the OTP last token plugin
Resolves: RHBZ#2227783
ipa-healthcheck:
- Error in DogtagCertsConnectivityCheckCA with external CA
Resolves: #2223942
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
The 'warn' parameter of Ansible 'shell' and 'command' builtin plugins
was deprecated in Ansible 2.11 and removed in Ansible 2.14. This patch
fixes 'baseos-ci.redhat-module.tier0.functional' tests that were failing
due to the use of the parameter on newer versions of Ansible.
- Rebase ipa to 4.9.12
Resolves: RHBZ#2196425
- user or group name: explain the supported format
Resolves: RHBZ#2150217
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>