Bug 459729
Description
Rich Megginson
2008-08-21 17:13:50 UTC
Created attachment 314729 [details]
Initial-addition-of-ipa-winsync-plugin
Created attachment 314730 [details]
add ipa-winsync to ipa makefiles, spec files
Created attachment 314731 [details]
add support for posixAccount
Created attachment 314732 [details]
ipa-winsync-config.c handles dynamic config changes
Created attachment 314733 [details]
fix some memory leaks
Created attachment 314844 [details]
ifdef out some testing code
Created attachment 314845 [details]
library name is libipa_winsync not libipa-winsync
Created attachment 316460 [details]
Support IPA in IPA server install and ipa-replica-manage
This patch adds support for Windows Sync and the IPA Winsync plugin ipa-server-install and ipa-replica-manage
server install will just install the plugin config entry.
A Windows Sync agreement is added via ipa-replica-manage add. I had to add additional flags to make it work:
--port=PORT port number of other server
--binddn=BINDDN Bind DN to use with remote server
--bindpw=BINDPW Password for Bind DN to use with remote server
--winsync This is a Windows Sync Agreement
--cacert=CACERT Full path and filename of CA certificate to use with
TLS/SSL to the remote server
In this section, there's an error message referring to the pam passthru plug-in since hte config code was based on that. This message needs to be changed. https://bugzilla.redhat.com/attachment.cgi?id=314732&action=diff#a/ipa-server/ipa-slapi-plugins/ipa-winsync/ipa-winsync-config.c_sec1 110 if ( inited ) { 111 slapi_log_error( SLAPI_LOG_FATAL, IPA_WINSYNC_PLUGIN_NAME, 112 "only one PAM pass through plugin instance can be used\n" ); 113 return( LDAP_PARAM_ERROR ); 114 } In ipa-winsync.c, there's a comment stating the following: "ntUniqueId and ntUserDomainId are indexed for equality only - need to add presence?" We should make sure to add the right indexes in the install/upgrade code for the filters we use in the plug-in. Aside from that and the issue I pointed out in comment#10, the attachments from comment#1-7 look good. Created attachment 317002 [details]
fix issues brought up by code review
Addresses the issues mentioned by Nathan and by Rob on the mail list.
Created attachment 317807 [details]
Add account disable and force sync
Created attachment 318214 [details]
patch - fix code review issues
Created attachment 319412 [details]
patch - add winsync options to man page
Created attachment 319413 [details]
add winsync support to replica manage cli
Created attachment 319414 [details]
patch - do not stop the server conditionally - always stop it
Created attachment 319415 [details]
patch - add eq,pres indices to existing index config entries
Created attachment 319416 [details]
patch - ipa-winsync plugin does not depend on MMR
Created attachment 319786 [details]
add --win-subtree argument to ipa-replica-manage
Created attachment 320039 [details]
do not store the OUs in the entry when flattening
Created attachment 320040 [details]
add update for winsync attribute indexes
Patches have been committed to master and 1.2 branch: commit f02d1429cadd2f6926a0094187ff467a5eb55220 commit 5c56c43693b4b7a5da25777a8a441f596ed2fa84 commit 9f18858e5826eab7430a4edb1b988ef45eaa8b65 commit 0988e1c53c34e474606813d0e3adce1e090c98e7 commit d3637dde7cc56970dec7c36db3d7478e5d04b28e commit 38154073a88f5608d9b33854d3282687fb422bad commit 28195610f6f768179159f841887745dcbee27b2d commit 068ed81195131781b8ec88a7c4cc3df2604c978a commit 0e346ff6fbc722d805b7fdf2710f169d5e62ab68 commit 69180c2dccb82c6bb6b9a058309294f80f1c05d6 commit e8bebebc2346c381e4b30a4995aff38b553695f6 commit be5e783f72c987603288522a21e7f9bab1e9bd9a commit 5a5bfa2c70a15a0be20d92fae72faefcc619d18b commit 2a2bc851bdccb9402ec02a08deaa4e9945925908 commit 434f9aca6abe6055de4d92b5e082666027387388 commit 4bc89c427e5ecc47052a7489a9d4f8d18fbc1856 commit c80ecc8c2af350483f3316727395cb0e5bb3600e commit 61b5a95dd12ffc1efa5c14b2caedc8c002c2d18f commit 6454956d51f5a99f80f63475ae38d422ebc4432d commit 09514965931d91b8b88841e14493b5213bf381a3 *** Bug 436119 has been marked as a duplicate of this bug. *** test and verified based on our PRD requirement. bug closed. *** Bug 436236 has been marked as a duplicate of this bug. *** |