[Freeipa-devel] Please review: more patches for winsync support
Rich Megginson
rmeggins at redhat.com
Mon Nov 3 16:33:15 UTC 2008
Andrew Bartlett wrote:
> On Fri, 2008-10-03 at 14:25 -0600, Rich Megginson wrote:
>
>> https://bugzilla.redhat.com/show_bug.cgi?id=459729
>> Resolves: bug 459729
>> Bug Description: Windows sync support in IPA - account disable and force
>> sync
>>
>> During testing, I found a few issues:
>>
>> add winsync options to man page for ipa-replica-manage -
>> https://bugzilla.redhat.com/attachment.cgi?id=319412&action=diff
>>
>> ipa-replica-manage commands such as init, synch, and list did not work
>> with windows sync agreements -
>> https://bugzilla.redhat.com/attachment.cgi?id=319413&action=diff
>>
>> before installing the Windows CA cert, I stop the server - this just
>> makes the stop unconditional, since I don't care if the server is
>> running or not -
>> https://bugzilla.redhat.com/attachment.cgi?id=319414&action=diff
>>
>> the ntUniqueID and ntUserDomainID indexes exist by default, so we just
>> have to modify them to add eq,pres -
>> https://bugzilla.redhat.com/attachment.cgi?id=319415&action=diff
>>
>
> Is it too late to hope that WinSync in FreeIPA might use the Samba3
> schema for windows things (like the SID, username etc) rather than this
> netscape schema?
>
Yes, it's too late, at least for this feature. The purpose of this is
just to be able to support some sort of windows sync with IPA for user
entries. This isn't really any sort of enhancement or new feature
(except for the bit about adding some additional schema for IPA user
entries). It's really just making the existing Fedora DS winsync work
with IPA.
> It would make life easier for a possible future Samba4 backend (as it
> would consolidate work with the existing partial Samba3 -> Samba4
> mapping).
>
> Andrew Bartlett
>
>
More information about the Freeipa-devel
mailing list