The FreeIPA team would like to announce FreeIPA v4.2.3 bug fixing release!
It can be downloaded from http://www.freeipa.org/page/Downloads. The builds are available for Fedora 23 and rawhide. Builds for Fedora 22 are available in the official COPR repository.
Highlights in 4.2.3#
FreeIPA 4.2.3 is a bugfix release to improve upgrade experience from FreeIPA 4.1 for Fedora 23 where Tomcat 8 was introduced.
Bug fixes#
Enhancements#
new French and German translations
improved validation of Realm Domains,
ipa-adtrust-install prints complete SRV records so that they are suitable for copy&pasting to zone files
Upgrading#
Upgrade instructions are available on Upgrade page.
Feedback#
Please provide comments, bugs and other feedback via the freeipa-users mailing list (http://www.redhat.com/mailman/listinfo/freeipa-users) or #freeipa channel on Freenode.
Detailed Changelog since 4.2.2#
David Kupka (1)#
comment: Add Documentation string to deduplicate function
Gabe Alford (2)#
Remove bind configuration detected question
Warn if no installation found when running ipa-server-install –uninstall
Jan Cholasta (3)#
schema: do not derive ipaVaultPublicKey from ipaPublicKey
upgrade: make sure ldap2 is connected in export_kra_agent_pem
vault: fix private service vault creation
Martin Babinsky (4)#
remove ID overrides when deleting a user
execute user-del pre-callback also during user preservation
fix class teardown in user plugin tests
always ask the resolver for the reverse zone when manipulating PTR records
Martin Bašti (12)#
CI TEST: Vault
CI Test: add setup_kra options into install scripts
Replace tab with space in test_user_plugin.py
DNSSEC CI: wait until DS records is replicated
DNSSEC: Remove service containers from LDAP after uninstalling
DNSSEC: warn user if DNSSEC key master is not installed
KRA: fix check that CA is installed
Milan Kubík (6)#
ipatests: add fuzzy instances for CA ACL DN and RDN
ipatests: Add initial CAACLTracker implementation
tests: add test to check the default ACL
ipatests: CA ACL - added config templates
ipatests: added unlock_principal_password and change_principal
ipatests: CA ACL and cert profile functional test
Oleg Fayans (1)#
Fixed a timing issue with drill returning non-zero exitcode
Petr Voborník (2)#
Update .po files
Become IPA 4.2.3
Petr Špaček (1)#
ipa-adtrust-install: Print complete SRV records
Stanislav Laznicka (1)#
Fixes disappearing automember expressions
Tomáš Babej (10)#
util: Add detect_dns_zone_realm_type helper
realmdomains: Minor style and wording improvements
realmdomains: Add validation that realmdomain being added is indeed from our realm
realmdomains: Issue a warning when automated management of realmdomains failed
realmdomains: Do not fail due the ValidationError when adding _kerberos TXT record
tests: Amend result assertions in realmdomains tests
idoverride: Ignore ValidationErrors when converting the anchor
tests: Add tests for idoverride object integrity
trusts: Make trust_show.get_dn raise properly formatted NotFound
trustdomain: Perform validation of the trust domain first