[Freeipa-devel] Re: things to be stored
Rob Crittenden
rcritten at redhat.com
Tue Nov 13 20:09:42 UTC 2007
Rob Crittenden wrote:
> I could care less how the configuration is stored in LDAP, either as a
> extensibleObject or with its own schema, but here is the stuff I need
> stored somewhere:
>
> userSearchFields, a list of attributes e.g.
> uid,givenName,sn,telephoneNumber,ou,title
>
> searchTimeLimit, an integer, e.g. 2
>
> customFields, a set of tuple of the form (label, attribute, required).
> All are strings. required is a boolean but will contain "true" or
> "false". This needs to be extensible as at some point we'll add a
> validator as well, and who knows what else, maybe things to limit field
> length, min/max size, etc.
>
> The current hardcoded version, in python, looks like:
>
> schema = [
> { 'label': 'See Also',
> 'field': 'seeAlso',
> 'required': 'true', } ,
> { 'label': 'O O O',
> 'field': 'o',
> 'required': 'false', } ,
> ]
>
> Another thing we need to think about is how I'll fetch this from the
> server. Currently all requests to the server need to be authenticated
> but it would probably be better performance-wise to grab this at startup
> time. So should we allow unauthenticated requests to the XML-RPC
> interface? Currently the whole thing requires SSL and kerberos.
Found some more things to store:
- root of home directory (e.g. /home, /u, /export1/home, whatever)
- default shell (going with /bin/bash by default)
- default group that new users are automatically added to (ipausers by
default)
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071113/3c7ef160/attachment.bin>
More information about the Freeipa-devel
mailing list