[Freeipa-devel] Reorganization of Web UI navigation items

Petr Vobornik pvoborni at redhat.com
Wed Jun 4 07:55:46 UTC 2014 

On 4.6.2014 09:37, Petr Spacek wrote:
> On 4.6.2014 08:44, Martin Kosek wrote:
>> On 06/04/2014 08:34 AM, Martin Kosek wrote:
>> ...
>
> This is really good proposal! Scroll down to see three nit picks:
>
>>> Users
>>> - Users
>>> - Groups
>>> - SUDO
>>>
>>> Hosts
>>> - Hosts
>>> - Host groups
>>> - Services
>>> - Netgroups
>>> - Automount
>>>
>>> Authentication
>>> - OTP Tokens
>>> - Password Policy
>>> - Kerberos Ticket Policy
>>>
>>> Policy
>>> - HBAC
>>> - SELinux User Maps
>>> - Automember
>>
>> Alternatively, we could rename Policy to "Authorization" as both HBAC and
>> SELinux is about authorizing what an authenticated user can do. We
>> would just
>> need to move Automember to different place, though this one is
>> difficult - it
>> relates both to Users and Hosts, just like Netgroup.
>>
>>>
>>> Trusts
>>> - Trust configuration
>>> - Trusts
>>> - (future) Views
>>>
>>> Infrastructure
>>> - Certificates
> ^^^ I would like to see this under "Authentication". Nowaways it is used
> to authenticate machines and it will be extended to user authentication
> as soon as Smart Card support is added.
>
>>> - DNS
>>> - (future) Replication topology
> ^^^ Personally, I would place it under "IPA Configuration".
>
>>> - (future) Vault
> ^^^ Why is Vault under "Infrastructure"? It sounds like "Authentication"
> to me. It is meant to store plain-text passwords etc., no?
>
>
> It seems that I'm proposing to reduce "Infrastructure" to "DNS". We can
> move DNS somewhere or make DNS top-level item until we get DHCP or
> something similar.

I would rather avoid having a temporary top-level item.

>
> This also opens the question if DNS management is really the right
> business for us :-) I'm personally not sure :-)
>
>
>>> Configuration
> ^^^ Can it be "IPA configuration" or something like that? Just
> "Configuration" seems too vague to me. After all, everything in the UI
> is some kind of configuration :-)

We can leave the old "IPA Server" name. I agree that "Replication 
topology" could be here because it configures the tool and not the data, 
similar to other items under this category. But I think that many users 
would try to find it in infrastructure.

>
>>> - Global
>>> - Access Control (RBAC)
>>> - Realm Domains
>>> - ID Ranges
>
-- 
Petr Vobornik

More information about the Freeipa-devel mailing list