[Freeipa-devel] RE: [Freeipa-interest] [Roadmap] Evolution

NOLLET Remy (CAMPUS) remy.nollet at oxylane-group.com
Mon Nov 3 09:30:52 UTC 2008 

Yes surely,

We did this in the way to get a centralized infrastructure server with a
uniq database as Active directory.
We want to challenge AD on many Full Linux Infra domain.

We need NTP relay, DNS server, Auth server, ACL server (for auth,
right... ) etc...
So first thing we did was to implement NTP relay and LDAP, SSH auth with
a LDAP backend, and do a bind server with th same LDAP backend.
For Sudoers, we test to implement it in LDAP Too. Fine. 
After the way was to use group of server, users and group of users from
this LDAP to simplify management.
Now we:
	- declare servers on DNS/LDAP, 
	- declare posix users on LDAP,
	- put them on different groups NIS/POSIX
	- put ACLs in sudoers on LDAP
	- put ACLs for SSH Auth on LDAP too
		( it's the beginning of major GPO )

We are looking on FreeIPA to get a friendly interface to manage all...
We want to manage full/partial replication between LDAP.
And manage user profile, printers etc...

Maybe use this to integrate/authenticate Windows platform ;-))

Doesn't be anyway to split your roadmap on more fine phasis ?

Kind Regards

Remy

-----Original Message-----
From: Simo Sorce [mailto:ssorce at redhat.com] 
Sent: Sunday, November 02, 2008 6:27 PM
To: NOLLET Remy (CAMPUS)
Cc: freeipa-devel
Subject: Re: [Freeipa-interest] [Roadmap] Evolution

On Tue, 2008-10-28 at 11:48 +0100, NOLLET Remy (CAMPUS) wrote:
> 
> 
> Hi,
> 
> I am very interested about this project to implement an Infra Server 
> on full Linux.
> I know that the wishlist is growing but why do the roadmap going later

> instead of having another release IPA3 ?
> 
> What we have done separetly: 
>         .DNS with LDAP Backend 
>         .SUDERS with LDAP Backend  
>         .a Mix POSIX/NIS schema on LDAP to allow group of users and 
> group of servers.

Remy,
would you mind moving this discussion on freeipa-devel ?
(I took the liberty to reply there).

We are planning on all 3 features for v2, although probably not
implemented the way you did. But it would be nice to discuss merits and
cons of your solution and see if we can learn in the process.

Simo.

--
Simo Sorce * Red Hat, Inc * New York

More information about the Freeipa-devel mailing list