- Resolves: rhbz#2141315
[Rebase] Rebase ipa to latest 4.10.x release for RHEL 9.2
- Resolves: rhbz#2094673
ipa-client-install should just use system wide CA store and do not specify TLS_CACERT in ldap.conf
- Resolves: rhbz#2117167
After leapp upgrade on ipa-client ipa-server package installation failed. (`REQ_FULL_WITH_MEMBERS` returns object from wrong domain)
- Resolves: rhbz#2127833
Password Policy Grace login limit allows invalid maximum value
- Resolves: rhbz#2143224
[RFE] add certificate support to ipa-client instead of one time password
- Resolves: rhbz#2144736
vault interoperability with older RHEL systems is broken
- Resolves: rhbz#2148258
ipa-client-install does not maintain server affinity during installation
- Resolves: rhbz#2148379
Add warning for empty targetattr when creating ACI with RBAC
- Resolves: rhbz#2148380
OTP token sync always returns OK even with random numbers
- Resolves: rhbz#2148381
Deprecated feature idnssoaserial in IdM appears when creating reverse dns zones
- Resolves: rhbz#2148382
Introduction of URI records for kerberos breaks location functionality
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
- Resolves: rhbz#747959
[RFE] Support random serial numbers in IPA certificates
- Resolves: rhbz#2100227
[UX] Preserving a user account produces output saying it was deleted
- Resolves: rhbz#2079469 [Rebase] Rebase ipa to latest 4.9.x release
- Resolves: rhbz#2012911 named journalctl logs shows 'zone testrealm.test/IN: serial (serialnumber) write back to LDAP failed.'
- Resolves: rhbz#2069202 [RFE] add support for authenticating against external IdP services using OAUTH2 preauthenticaiton mechanism provided by SSSD
- Resolves: rhbz#2083218 ipa-dnskeysyncd floods /var/log/messages with DEBUG messages
- Resolves: rhbz#2089750 RFE: Improve error message with more detail for ipa-replica-install command
- Resolves: rhbz#2091988 [RFE] Add code to check password expiration on ldap bind
- Resolves: rhbz#2094400 [RFE] ipa-client-install should provide option to enable subid: sss in /etc/nsswitch.conf
- Resolves: rhbz#2096922 secret in ipa-pki-proxy.conf is not changed if new requiredSecret value is present in /etc/pki/pki-tomcat/server.xml
- Resolves: rhbz#1969351 Rebase IPA to latest 4.9.x version
- Resolves: rhbz#1976288 ansible-freeipa automember test fails with `automember_add_condition: testgroup: 'objectclass'` due to ldap cache
- Resolves: rhbz#1975139 Upgrade error: Add failure missing required attribute "objectclass"
- Resolves: rhbz#1973024 CA_less ipa-server-install fails if CA cert subject contains non ascii chars
- Resolves: rhbz#1966101 [RFE] - IDM - Allow specifying permanent logging settings for BIND
- Resolves: rhbz#1962570 IPA in c9s should not require redhat-logos-ipa as a runtime package
- Resolves: rhbz#1957736 [RFE] IPA to allow configuring auto-private-groups at idrange level
