[Freeipa-devel] [PATCH] Add new env variables. 'container_dns' for DNS plugin, 'use_ldap2' for new LDAP backend debugging.
Rob Crittenden
rcritten at redhat.com
Tue Apr 21 14:35:54 UTC 2009
Martin Nagy wrote:
> On Tue, 21 Apr 2009 10:21:17 -0400, Rob Crittenden
> <rcritten at redhat.com> wrote:
>
>> Martin Nagy wrote:
>>> On Tue, 21 Apr 2009 10:02:07 -0400, Rob Crittenden
>>> <rcritten at redhat.com> wrote:
>>>
>>>> Pavel Zuna wrote:
>>>>> container_dns is required by the DNS plugin (currently being
>>>>> reviewed).
>>>>>
>>>>> use_ldap2 is for testing purposes: just a temporary and should be
>>>>> deleted after we switch completely to the new LDAP backend.
>>>>>
>>>>> Pavel
>>>>>
>>>> What will be stored in cn=dns? I haven't seen the plugin.
>>> DNS records for the bind LDAP plug-in.
>>>
>> Ok, maybe this has been discussed before and I've forgotten, but is
>> there going to be any linkage between DNS host entries and cn=hosts?
>> Should any referential integrity be done? It is quite a rat hole if
>> we start down that path.
>
> IIRC we (me, Simo and Dmitri) agreed that there won't be any linkage. At
> best, we could provide a link from one to the other in the Web UI, but
> that's not necessary at all. Everything under cn=dns will be used by
> the DNS server, so there might actually be records that IPA has no idea
> about. It's basically just a replacement for flat zone files.
>
> Martin
Ok, we can always add that in the future too.
So in v1 when creating principals we would do a DNS lookup to ensure
that the host existed. Is it safe to say that this can be replaced with
an internal lookup for the host or should we stick with DNS?
rob
More information about the Freeipa-devel
mailing list