- Add ipa-idrange-fix
Resolves: RHEL-56920
- Unconditionally add MS-PAC to global config on update
Resolves: RHEL-49437
- ipatests: Update ipa-adtrust-install test
Resolves: RHEL-40894
- Require python-qrcode version 5.3 or later
Related: RHEL-15090
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- Allow the admin user to be disabled
Resolves: RHEL-34756
- ipa-otptoken-import: open the key file in binary mode
Resolves: RHEL-39616
- ipa-crlgen-manage: manage the cert status task execution time
Resolves: RHEL-30280
- idrange-add: add a warning because 389ds restart is required
Resolves: RHEL-28996
- PKINIT certificate: fix renewal on hidden replica
Resolves: RHEL-4913, RHEL-45908
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- dcerpc: invalidate forest trust intfo cache when filtering out realm domains
Resolves: RHEL-28559
- Backport latests test fixes in python3-tests
ipatests: add xfail for autoprivate group test with override
ipatests: remove xfail thanks to sssd 2.9.4
ipatests: adapt for new automembership fixup behavior
ipatests: Fixes for test_ipahealthcheck_ipansschainvalidation testcases
test_xmlrpc: adopt to automember plugin message changes in 389-ds
Resolves: RHEL-29908
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- kdb: PAC generator: do not fail if canonical principal is missing
Resolves: RHEL-23630
- ipa-kdb: Fix memory leak during PAC verification
Resolves: RHEL-22644
- Fix session cookie access
Resolves: RHEL-23622
- Do not ignore staged users in sidgen plugin\
Resovlves: RHEL-23626
- ipa-kdb: Disable Bronze-Bit check if PAC not available
Resolves: RHEL-22313
- krb5kdc: Fix start when pkinit and otp auth type are enabled
Resolves: RHEL-4874
- hbactest was not collecting or returning messages
Resolvez: RHEL-12780
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- Improve server affinity for CA-less deployments
Resolves: RHEL-22283
- host: update system: Manage Host Keytab permission
Resolves: RHEL-22286
- adtrustinstance: make sure NetBIOS name defaults are set properly
Resolves: RHEL-21938
- ipatests: Fix healthcheck report when nsslapd accesslog logbuffering is set to off
Resolves: RHEL-19672
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
- ipa-kdb: fix error handling of is_master_host()
Resolves: RHBZ#2214638
- ipatests: enable firewall rule for http service on acme client
Resolves: RHBZ#2230256
- User plugin: improve error related to non existing idp
Resolves: RHBZ#2224572
- Prevent admin user from being deleted
Resolves: RHBZ#1821181
- Fix memory leak in the OTP last token plugin
Resolves: RHBZ#2227783
- Rebase ipa to 4.9.12
Resolves: RHBZ#2196425
- user or group name: explain the supported format
Resolves: RHBZ#2150217
Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>