[Freeipa-devel] [PATCH] Add sidgen postop and task

[Alexander Bokovoy]

On Mon, 25 Jun 2012, Sumit Bose wrote:
>Hi,
>
>this patch added support to automatically create SIDs for local objects
>as described in ticket https://fedorahosted.org/freeipa/ticket/2825.
>
>The post-operation plugin adds the SID and if necessary the needed
>objectclass for a newly created object.
ACK.

Works for me in tests.

>The directory server task can you used to set SID to existing objects in
>one run. Since there were concerns about the amount of replication
>traffic this task accepts a parameter 'delay' to let the task pause for
>the given number of micro-seconds after an object was changed. I also do
>not start the task during ipa-adtrust-install to allow to run the task
>at a more appropriate time. I wonder if it is ok to just have an ldif
>file as example and explain in the docs how to start the task with
>ldapmodify or if a tighter integration is needed. Typically this task
>should be called only once after ipa-adtrust-install.
We probably would need to make something like 'ipa-task-manage' that
would allow listing, enabling, scheduling, and disabling all supported
tasks.

Something to work on once we have refactored installer/tools
infrastructure in 3.1?

-- 
/ Alexander Bokovoy