From 269b5a2cdb9b2f2c65423081f532db42a2ec55e4 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Sat, 16 Jan 2016 16:13:03 -0800 Subject: Add documentation of the Active Directory support Also remove some configuration checks that aren't required, and unify handling of some configuration options. --- NEWS | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index aa9cf47..9d5b1a6 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,18 @@ wallet 1.3 (unreleased) + This release adds initial, experimental support for using Active + Directory as the KDC for keytab creation. The interface to Active + Directory uses a combination of direct LDAP queries and the msktutil + utility. This version does not support the wallet unchanging flag. + Unchanging requires that a keytab be retrieved without changing the + password/kvno which is not supported by msktutil. Active Directory + can be selected by setting KEYTAB_KRBTYPE to AD in the wallet + configuration. Multiple other configuration options must also be set; + see Wallet::Config for more information and README for the additional + Perl modules required. Thanks to Bill MacAllister for the + implementation. + A new ACL type, nested (Wallet::ACL::Nested), is now supported. The identifier of this ACL names another ACL, and access is granted if that ACL would grant access. This lets one combine multiple other @@ -63,13 +75,6 @@ wallet 1.3 (unreleased) Displays of ACLs and ACL entries are now sorted correctly. - Initial support for using Active Directory as the KDC for keytab - creation. The interface to Active Directory uses a combination of - direct LDAP queries and the msktutil utility. This version does - not support the wallet unchanging flag. Unchanging requires that - a keytab be retrieved without changing the password/kvno which is - not supported by msktutil. - wallet 1.2 (2014-12-08) The duo object type has been split into several sub-types, each for a -- cgit v1.2.3