[Freeipa-devel] [PATCH] Add new env variables. 'container_dns' for DNS plugin, 'use_ldap2' for new LDAP backend debugging.
Rob Crittenden
rcritten at redhat.com
Tue Apr 21 14:59:06 UTC 2009
Martin Nagy wrote:
> On Tue, 21 Apr 2009 10:35:54 -0400, Rob Crittenden
> <rcritten at redhat.com> wrote:
>
>> Martin Nagy wrote:
>>> On Tue, 21 Apr 2009 10:21:17 -0400, Rob Crittenden
>>> <rcritten at redhat.com> wrote:
>>>
>>>> Martin Nagy wrote:
>>>>> On Tue, 21 Apr 2009 10:02:07 -0400, Rob Crittenden
>>>>> <rcritten at redhat.com> wrote:
>>>>>
>>>>>> Pavel Zuna wrote:
>>>>>>> container_dns is required by the DNS plugin (currently being
>>>>>>> reviewed).
>>>>>>>
>>>>>>> use_ldap2 is for testing purposes: just a temporary and should
>>>>>>> be deleted after we switch completely to the new LDAP backend.
>>>>>>>
>>>>>>> Pavel
>>>>>>>
>>>>>> What will be stored in cn=dns? I haven't seen the plugin.
>>>>> DNS records for the bind LDAP plug-in.
>>>>>
>>>> Ok, maybe this has been discussed before and I've forgotten, but
>>>> is there going to be any linkage between DNS host entries and
>>>> cn=hosts? Should any referential integrity be done? It is quite a
>>>> rat hole if we start down that path.
>>> IIRC we (me, Simo and Dmitri) agreed that there won't be any
>>> linkage. At best, we could provide a link from one to the other in
>>> the Web UI, but that's not necessary at all. Everything under
>>> cn=dns will be used by the DNS server, so there might actually be
>>> records that IPA has no idea about. It's basically just a
>>> replacement for flat zone files.
>>>
>>> Martin
>> Ok, we can always add that in the future too.
>>
>> So in v1 when creating principals we would do a DNS lookup to ensure
>> that the host existed. Is it safe to say that this can be replaced
>> with an internal lookup for the host or should we stick with DNS?
>
> Let's stick with DNS. We want to be able to support external DNS
> servers.
>
> Martin
Alright then.
ack for the patch.
rob
More information about the Freeipa-devel
mailing list