[Freeipa-devel] [PATCH] ldif and acis for config
Richard Megginson
rmeggins at redhat.com
Wed Oct 24 15:56:26 UTC 2007
Rob Crittenden wrote:
> Kevin McCarthy wrote:
>> Simo Sorce wrote:
>>> On Tue, 2007-10-23 at 15:21 -0700, Kevin McCarthy wrote:
>>>> dn=name=yi,.....,dc=freeipa,dc=org
>>>> objectClass=???
>>>> name=er
>>>> value=san
>>>> comment=chinese numbers are fun
>>> This way of handling things have huge problems.
>>>
>>> 1. No way to control the attribute value syntax.
>>> 2. No way to search all options with a single query on an object
>>> 3. Uncontrollable proliferation of objects
>>> 4. impossible to validate syntax of both attribute names and values
>>>
>>> Can you list exactly what you would like to set in conf options for
>>> real
>>> so that we can evaluate why you are asking for this kind of schema?
>>
>> Sure, some of the values we want to store were in the patch starting
>> this thread:
>>
>> userSearchFields: uid,givenName,sn,telephoneNumber,ou,title
>> searchTimeLimit: 2
>> maxUidLength: 8
>> passwordExpireNotifyDays: 7
>>
>> I'm sure there will be others.
>>
>> The idea was just to take miscellaneous configs from webgui code out of
>> the code and into an externally modifiable place.
>>
>> However, if it's that big of a headache I'm inclined to just leave them
>> in the code! :-)
>>
>> In all seriousness, I think you and Pete need to chat and work out
>> something with Rob. I think it will take a bit more time to think this
>> through and I'm not sure it's worth it for Milestone 5 or V1.
>
> FDS stores its entire configuration in LDAP. It can't be that hard to
> work something out.
Well, Fedora DS "cheats" - that is, many of the config entries are
"extensibleObject" and there is no schema defined. The best way is to
actually define a schema, which we did for many of the config entries.
But before you do that, you will need to figure out which base OID to
use. Should Red Hat's base OID be used? Can freeIPA get its own OID?
>
> rob
> ------------------------------------------------------------------------
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071024/c7dc10e3/attachment.bin>
More information about the Freeipa-devel
mailing list