0001-Start-dirsrv-for-kdcproxy-upgrade.patch
0002-Fix-DNS-records-installation-for-replicas.patch
0003-Prevent-to-rename-certprofile-profile-id.patch
0004-Stageusedr-activate-show-username-instead-of-DN.patch
0005-copy-schema-to-ca-allow-to-overwrite-schema-files.patch
0006-spec-file-Update-minimum-required-version-of-krb5.patch
0007-do-not-import-memcache-on-client.patch
0008-selinux-enable-httpd_run_ipa-to-allow-communicating-.patch
0009-oddjob-avoid-chown-keytab-to-sssd-if-sssd-user-does-.patch
0010-webui-fix-user-reset-password-dialog.patch
0011-fix-hbac-rule-search-for-non-admin-users.patch
0012-fix-selinuxusermap-search-for-non-admin-users.patch
0013-Validate-adding-privilege-to-a-permission.patch
0014-migration-Use-api.env-variables.patch
0015-sysrestore-copy-files-instead-of-moving-them-to-avoi.patch
0016-Allow-value-no-for-replica-certify-all-attr-in-abort.patch
0017-trusts-Check-for-AD-root-domain-among-our-trusted-do.patch
0018-enable-debugging-of-ntpd-during-client-installation.patch
0019-cermonger-Use-private-unix-socket-when-DBus-SystemBu.patch
0020-ipa-client-install-Do-not-re-start-certmonger-and-DB.patch
0021-DNS-Consolidate-DNS-RR-types-in-API-and-schema.patch
0022-ipaplatform-Add-constants-submodule.patch
0023-DNS-check-if-DNS-package-is-installed.patch
0024-dcerpc-Expand-explanation-for-WERR_ACCESS_DENIED.patch
0025-dcerpc-Fix-UnboundLocalError-for-ccache_name.patch
0026-fix-broken-search-for-users-by-their-manager.patch
0027-dcerpc-Add-get_trusted_domain_object_type-method.patch
0028-idviews-Restrict-anchor-to-name-and-name-to-anchor-c.patch
0029-idviews-Enforce-objectclass-check-in-idoverride-del.patch
0030-idviews-Check-for-the-Default-Trust-View-only-if-app.patch
0031-replication-Fix-incorrect-exception-invocation.patch
0032-webui-add-Kerberos-configuration-instructions-for-Ch.patch
0033-Remove-ico-files-from-Makefile.patch
0034-ACI-plugin-correctly-parse-bind-rules-enclosed-in-pa.patch
0035-ULC-Fix-stageused-add-from-delete-command.patch
0036-webui-fix-regressions-failed-auth-messages.patch
0037-Validate-vault-s-file-parameters.patch
0038-certprofile-import-do-not-require-profileId-in-profi.patch
0039-user-show-add-out-option-to-save-certificates-to-fil.patch
0040-store-certificates-issued-for-user-entries-as-userCe.patch
0041-Fix-incorrect-type-comparison-in-trust-fetch-domains.patch
0042-Fix-selector-of-protocol-for-LSA-RPC-binding-string.patch
0043-dcerpc-Simplify-generation-of-LSA-RPC-binding-string.patch
0044-Fixed-missing-KRA-agent-cert-on-replica.patch
0045-webui-add-LDAP-vs-Kerberos-behavior-description-to-u.patch
0046-Fix-upgrade-of-sidgen-and-extdom-plugins.patch
0047-Give-more-info-on-virtual-command-access-denial.patch
0048-Allow-SAN-extension-for-cert-request-self-service.patch
0049-Add-profile-for-DNP3-IEC-62351-8-certificates.patch
0050-Work-around-python-nss-bug-on-unrecognised-OIDs.patch
0051-adtrust-install-Correctly-determine-4.2-FreeIPA-serv.patch
0052-certprofile-import-improve-profile-format-documentat.patch
0053-Fix-default-CA-ACL-added-during-upgrade.patch
0054-Fix-KRB5PrincipalName-UPN-SAN-comparison.patch
0055-adjust-search-so-that-it-works-for-non-admin-users.patch
0056-validate-mutually-exclusive-options-in-vault-add.patch
0057-idranges-raise-an-error-when-local-IPA-ID-range-is-b.patch
0058-install-Fix-server-and-replica-install-options.patch
0059-certprofile-add-profile-format-explanation.patch
0060-ULC-Prevent-preserved-users-from-being-assigned-memb.patch
0061-Asymmetric-vault-validate-public-key-in-client.patch
0062-add-permission-System-Manage-User-Certificates.patch
0063-Add-permission-for-bypassing-CA-ACL-enforcement.patch
0064-Added-CLI-param-and-ACL-for-vault-service-operations.patch
0065-trusts-Detect-missing-Samba-instance.patch
0066-winsync-migrate-Add-warning-about-passsync.patch
0067-winsync-migrate-Expand-the-man-page.patch
0068-fix-typo-in-BasePathNamespace-member-pointing-to-ods.patch
0069-ipa-backup-archive-DNSSEC-zone-file-and-kasp.db.patch
0070-baseldap-Allow-overriding-member-param-label-in-LDAP.patch
0071-vault-Fix-param-labels-in-output-of-vault-owner-comm.patch
0072-Fixed-vault-container-ownership.patch
0073-vault-normalize-service-principal-in-service-vault-o.patch
0074-vault-validate-vault-type.patch
0075-install-Fix-replica-install-with-custom-certificates.patch
0076-trusts-harden-trust-fetch-domains-oddjobd-based-scri.patch
0077-user-undel-Fix-error-messages.patch
0078-Prohibit-deletion-of-predefined-profiles.patch
0079-improve-the-handling-of-krb5-related-errors-in-dnsse.patch
0080-client-Add-support-for-multiple-IP-addresses-during-.patch
0081-vault-Fix-vault-find-with-criteria.patch
0082-vault-Add-container-information-to-vault-command-res.patch
0083-Server-Upgrade-Start-DS-before-CA-is-started.patch
0084-cert-request-remove-allowed-extensions-check.patch
0085-client-Add-description-of-ip-address-and-all-ip-addr.patch
0086-Backup-resore-authentication-control-configuration.patch
0087-Add-flag-to-list-all-service-and-user-vaults.patch
0088-Add-user-stage-command.patch
0089-trusts-format-Kerberos-principal-properly-when-fetch.patch
0090-Change-internal-rsa_-public-private-_key-variable-na.patch
0091-improve-the-usability-of-ipa-user-del-preserve-comma.patch
0092-DNSSEC-fix-forward-zone-forwarders-checks.patch
0093-Added-support-for-changing-vault-encryption.patch
0094-vault-change-default-vault-type-to-symmetric.patch
0095-fix-missing-information-in-object-metadata.patch
0096-webui-add-option-to-establish-bidirectional-trust.patch
0097-Removed-clear-text-passwords-from-KRA-install-log.patch
0098-certprofile-prevent-rename-modrdn.patch
0099-vault-Limit-size-of-data-stored-in-vault.patch
0100-ipactl-Do-not-start-stop-restart-single-service-mult.patch
0101-cert-renewal-Include-KRA-users-in-Dogtag-LDAP-update.patch
0102-cert-renewal-Automatically-update-KRA-agent-PEM-file.patch
0103-DNSSEC-remove-DNSSEC-is-experimental-warnings.patch
0104-Backup-back-up-the-hosts-file.patch
0105-certprofile-remove-rename-option.patch
0106-Installer-do-not-modify-etc-hosts-before-user-agreem.patch
0107-DNSSEC-backup-and-restore-opendnssec-zone-list-file.patch
0108-DNSSEC-remove-ccache-and-keytab-of-ipa-ods-exporter.patch
0109-DNSSEC-prevent-ipa-ods-exporter-from-looping-after-s.patch
0110-DNSSEC-Fix-deadlock-in-ipa-ods-exporter-ods-enforcer.patch
0111-DNSSEC-Fix-HSM-synchronization-in-ipa-dnskeysyncd-wh.patch
0112-DNSSEC-Fix-key-metadata-export.patch
0113-DNSSEC-Wrap-master-key-using-RSA-OAEP-instead-of-old.patch
0114-ldap-Make-ldap2-connection-management-thread-safe-ag.patch
0115-Using-LDAPI-to-setup-CA-and-KRA-agents.patch
0116-load-RA-backend-plugins-during-standalone-CA-install.patch
0117-Handle-timeout-error-in-ipa-httpd-kdcproxy.patch
0118-Server-Upgrade-backup-CS.cfg-when-dogtag-is-turned-o.patch
0119-IPA-Restore-allows-to-specify-files-that-should-be-r.patch
0120-config-allow-user-host-attributes-with-tagging-optio.patch
0121-winsync-Add-inetUser-objectclass-to-the-passsync-sys.patch
0122-baseldap-make-subtree-deletion-optional-in-LDAPDelet.patch
0123-vault-add-vault-container-commands.patch
0124-vault-set-owner-to-current-user-on-container-creatio.patch
0125-vault-update-access-control.patch
0126-vault-add-permissions-and-administrator-privilege.patch
0127-install-support-KRA-update.patch
0128-webui-use-manual-Firefox-configuration-for-Firefox-4.patch
0129-ipa-backup-Add-mechanism-to-store-empty-directory-st.patch
0130-install-create-kdcproxy-user-during-server-install.patch
0131-destroy-httpd-ccache-after-stopping-the-service.patch
0132-platform-add-option-to-create-home-directory-when-ad.patch
0133-install-fix-kdcproxy-user-home-directory.patch
0134-winsync-migrate-Convert-entity-names-to-posix-friend.patch
0135-winsync-migrate-Properly-handle-collisions-in-the-na.patch
0136-Fix-an-integer-underflow-bug-in-libotp.patch
0137-do-not-overwrite-files-with-local-users-groups-when-.patch
0138-install-fix-KRA-agent-PEM-file-permissions.patch
0139-install-always-export-KRA-agent-PEM-file.patch
0140-vault-select-a-server-with-KRA-for-vault-operations.patch
0141-schema-do-not-derive-ipaVaultPublicKey-from-ipaPubli.patch
0142-upgrade-make-sure-ldap2-is-connected-in-export_kra_a.patch
0143-vault-fix-private-service-vault-creation.patch
0144-install-fix-command-line-option-validation.patch
0145-install-export-KRA-agent-PEM-file-in-ipa-kra-install.patch
0146-cert-renewal-make-renewal-of-ipaCert-atomic.patch
0147-suppress-errors-arising-from-adding-existing-LDAP-en.patch
0148-fix-caching-in-get_ipa_config.patch
0149-client-install-do-not-corrupt-OpenSSH-config-with-Ma.patch
0150-upgrade-fix-migration-of-old-dns-forward-zones.patch
0151-TLS-and-Dogtag-HTTPS-request-logging-improvements.patch
0152-Avoid-race-condition-caused-by-profile-delete-and-re.patch
0153-ipa-cacert-renew-Fix-connection-to-ldap.patch
0154-ipa-otptoken-import-Fix-connection-to-ldap.patch
0155-Do-not-erroneously-reinit-NSS-in-Dogtag-interface.patch
0156-Add-profiles-and-default-CA-ACL-on-migration.patch
0157-disconnect-ldap2-backend-after-adding-default-CA-ACL.patch
0158-do-not-disconnect-when-using-existing-connection-to-.patch
0159-Fix-upgrade-of-forwardzones-when-zone-is-in-realmdom.patch
0160-Fix-version-comparison.patch
0161-DNS-fix-file-permissions.patch
0162-Explicitly-call-chmod-on-newly-created-directories.patch
0163-Fix-replace-mkdir-with-chmod.patch
0164-DNSSEC-Improve-error-reporting-from-ipa-ods-exporter.patch
0165-DNSSEC-Make-sure-that-current-state-in-OpenDNSSEC-ma.patch
0166-DNSSEC-Make-sure-that-current-key-state-in-LDAP-matc.patch
0167-DNSSEC-remove-obsolete-TODO-note.patch
0168-DNSSEC-add-debug-mode-to-ldapkeydb.py.patch
0169-DNSSEC-logging-improvements-in-ipa-ods-exporter.patch
0170-DNSSEC-remove-keys-purged-by-OpenDNSSEC-from-master-.patch
0171-DNSSEC-ipa-dnskeysyncd-Skip-zones-with-old-DNSSEC-me.patch
0172-DNSSEC-ipa-ods-exporter-add-ldap-cleanup-command.patch
0173-DNSSEC-ipa-dnskeysyncd-call-ods-signer-ldap-cleanup-.patch
0174-DNSSEC-Log-debug-messages-at-log-level-DEBUG.patch
0175-Allow-to-used-mixed-case-for-sysrestore.patch
0176-prevent-crash-of-CA-less-server-upgrade-due-to-absen.patch
0177-Upgrade-Fix-upgrade-of-NIS-Server-configuration.patch
0178-use-FFI-call-to-rpmvercmp-function-for-version-compa.patch
0179-ipalib-assume-version-2.0-when-skip_version_check-is.patch
0180-always-start-certmonger-during-IPA-server-configurat.patch
0181-ipa-kdb-map_groups-consider-all-results.patch
0182-ipa-ca-install-print-more-specific-errors-when-CA-is.patch
0183-installer-Propagate-option-values-from-components-in.patch
0184-installer-Fix-logic-of-reading-option-values-from-ca.patch
0185-Fixed-login-error-message-box-in-LoginScreen-page.patch
0186-cert-renewal-import-all-external-CA-certs-on-IPA-CA-.patch
0187-CA-install-explicitly-set-dogtag_version-to-10.patch
0188-fix-standalone-installation-of-externally-signed-CA-.patch
0189-replica-install-validate-DS-and-HTTP-server-certific.patch
0190-Do-not-decode-HTTP-reason-phrase-from-Dogtag.patch
0191-upgrade-unconditional-import-of-certificate-profiles.patch
0192-upgrade-fix-config-of-sidgen-and-extdom-plugins.patch
0193-trusts-use-ipaNTTrustPartner-attribute-to-detect-tru.patch
0194-Warn-user-if-trust-is-broken.patch
0195-fix-upgrade-wait-for-proper-DS-socket-after-DS-resta.patch
0196-slapi-nis-update-configuration-to-allow-external-mem.patch
0197-Insure-the-admin_conn-is-disconnected-on-stop.patch
0198-Fix-connections-to-DS-during-installation.patch
0199-Fix-broken-trust-warnings.patch
0200-replica-install-improvements-in-the-handling-of-CA-r.patch
0201-certdb-never-use-the-r-option-of-certutil.patch
0202-Prevent-replica-install-from-overwriting-cert-profil.patch
0203-Detect-and-repair-incorrect-caIPAserviceCert-config.patch
0204-replica-install-do-not-set-CA-renewal-master-flag.patch
0205-mod_auth_gssapi-enable-unique-credential-caches-name.patch
0206-cert-revoke-fix-permission-check-bypass-CVE-2016-540.patch
1001-Hide-pkinit-functionality-from-production-version.patch
1002-Remove-pkinit-plugin.patch
1003-Remove-pkinit-references-from-tool-man-pages.patch
1004-Change-branding-to-IPA-and-Identity-Management.patch
1005-Remove-pylint-from-build-process.patch
1006-Remove-i18test-from-build-process.patch
1007-Do-not-build-tests.patch
1008-RCUE.patch
1009-Do-not-allow-installation-in-FIPS-mode.patch
1010-WebUI-add-API-browser-is-experimental-warning.patch
ipa-centos-branding.patch