1. 06 Apr, 2021 1 commit
  2. 29 Mar, 2021 1 commit
  3. 20 Feb, 2021 2 commits
    • Sumit Bose's avatar
      Bump version number · 9027d9d1
      Sumit Bose authored
      9027d9d1
    • Sumit Bose's avatar
      Add account-disable option · 910adb4e
      Sumit Bose authored
      A new option was added to 'adcli update' toggle the ACCOUNTDISABLE flag
      of AD's userAccountControl LDAP attribute to disable or enable the given
      host account.
      
      'adcli join' will automatically enable the host account.
      
      Resolves: #21
      910adb4e
  4. 10 Dec, 2020 1 commit
  5. 12 Nov, 2020 7 commits
  6. 11 Nov, 2020 1 commit
  7. 20 Oct, 2020 1 commit
    • Sumit Bose's avatar
      join/update: set dNSHostName if not set · beb7abfa
      Sumit Bose authored
      If during a join or update an existing AD computer object does not have
      the dNSHostName attribute set it will be set with the current hostname.
      This is important for cases where the user doing the join or update only
      has "Validated write to service principal name" for the computer object.
      The validated write with fully-qualified names can only be successful if
      dNSHostName is set, see [MS-ADTS] section 3.1.1.5.3.1.1.4 "Validated
      Writes - servicePrincipalName" for details.
      
      Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1734764
      beb7abfa
  8. 14 Oct, 2020 1 commit
  9. 13 Aug, 2020 1 commit
  10. 15 Jun, 2020 2 commits
  11. 05 Jun, 2020 2 commits
  12. 23 Feb, 2020 1 commit
  13. 19 Dec, 2019 2 commits
    • Sumit Bose's avatar
      add option use-ldaps · 85097245
      Sumit Bose authored
      In general using the LDAP port with GSS-SPNEGO should satifiy all
      requirements an AD DC should have for authentication on an encrypted
      LDAP connection.
      
      But if e.g. the LDAP port is blocked by a firewall using the LDAPS port
      with TLS encryption might be an alternative. For this use case the
      --use-ldaps option is added.
      
      Related to https://bugzilla.redhat.com/show_bug.cgi?id=1762420
      85097245
    • Sumit Bose's avatar
      Use GSS-SPNEGO if available · a6f795ba
      Sumit Bose authored
      Currently adcli uses the GSSAPI SASL mechanism for LDAP authentication
      and to establish encryption. While this works in general it does not
      handle some of the more advanced features which can be required by AD
      DCs.
      
      The GSS-SPNEGO mechanism can handle them and is used with this patch by
      adcli if the AD DC indicates that it supports it.
      
      Related to https://bugzilla.redhat.com/show_bug.cgi?id=1762420
      a6f795ba
  14. 28 Nov, 2019 3 commits
  15. 03 Sep, 2019 2 commits
  16. 26 Aug, 2019 2 commits
  17. 23 Aug, 2019 1 commit
  18. 14 Jun, 2019 4 commits
  19. 15 Apr, 2019 5 commits