[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-devel] Re: things to be stored

Simo Sorce wrote:
On Tue, 2007-11-13 at 15:09 -0500, Rob Crittenden wrote:
Rob Crittenden wrote:
I could care less how the configuration is stored in LDAP, either as a extensibleObject or with its own schema, but here is the stuff I need stored somewhere:

userSearchFields, a list of attributes e.g. uid,givenName,sn,telephoneNumber,ou,title

searchTimeLimit, an integer, e.g. 2

customFields, a set of tuple of the form (label, attribute, required). All are strings. required is a boolean but will contain "true" or "false". This needs to be extensible as at some point we'll add a validator as well, and who knows what else, maybe things to limit field length, min/max size, etc.

The current hardcoded version, in python, looks like:

        schema = [
          { 'label': 'See Also',
            'field': 'seeAlso',
            'required': 'true', } ,
          { 'label': 'O O O',
            'field': 'o',
            'required': 'false', } ,

Another thing we need to think about is how I'll fetch this from the server. Currently all requests to the server need to be authenticated but it would probably be better performance-wise to grab this at startup time. So should we allow unauthenticated requests to the XML-RPC interface? Currently the whole thing requires SSL and kerberos.
Found some more things to store:

- root of home directory (e.g. /home, /u, /export1/home, whatever)
- default shell (going with /bin/bash by default)
- default group that new users are automatically added to (ipausers by default)

This schema might do it:

Rich I'd like a comment from you as well if you have time.
Looks good. It looks similar to the DUA Config Profile schema - http://tools.ietf.org/html/rfc4876

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]