Use of AD and LDAP sudo providers
The Active Directory (AD) provider is a back end used to connect to an AD server. In Red Hat Enterprise Linux 7.2, using the AD sudo provider together with the LDAP provider is supported as a Technology Preview. To enable the AD sudo provider, add the
sudo_provider=ad setting in the [domain] section of the
DNSSEC available as Technology Preview in Identity Management
Identity Management servers with integrated DNS now support DNS Security Extensions (DNSSEC), a set of extensions to DNS that enhance security of the DNS protocol. DNS zones hosted on Identity Management servers can be automatically signed using DNSSEC. The cryptographic keys are automatically generated and rotated.
Users who decide to secure their DNS zones with DNSSEC are advised to read and follow these documents:
Nunc Stans event framework available for Directory Server
A new Nunc Stans event framework to handle multiple simultaneous connections has been added as Technology Preview. The framework allows supporting several thousand active connections with no performance degradation. It is disabled by default.
Browser for the JSON-RPC API in IdM is available
This update implements a browser for the JSON-RPC API in Identity Management. The browser can be used to view the API. Note that this feature is experimental and the API is not yet supported.
New packages: ipsilon
The ipsilon packages provide the Ipsilon identity provider service for federated single sign-on (SSO). Ipsilon links authentication providers and applications or utilities to allow for SSO. It includes a server and utilities to configure Apache-based service providers.
The Ipsilon server and toolkit is designed to configure Apache-based identity Service Providers. The server is a pluggable self-contained
mod_wsgi application that provides federated SSO to web applications.
Ipsilon is introduced in this release as a Technology Preview. Customers are advised not to consider integration of this service for production environments at this time.