[Freeipa-devel] [PATCH 0039] Enable FAST support in SSSD by default
Alexander Bokovoy
abokovoy at redhat.com
Tue Feb 11 12:57:40 UTC 2014
On Mon, 10 Feb 2014, Jakub Hrozek wrote:
>On Mon, Feb 10, 2014 at 04:06:37PM -0500, Nathaniel McCallum wrote:
>> https://fedorahosted.org/freeipa/ticket/4173
>>
>> I do have one question. Do we ever try to "upgrade" the SSSD config? If
>> so, should we try to "upgrade" the SSSD config to enable FAST by
>> default?
>>
>> Nathaniel
>
>What if we changed the SSSD defaults instead? Would enabling FAST by
>default break backwards compatibility in any way if we set it to "try" ?
'try' shouldn't break anything now that I fixed SSSD side to properly
process OTP token responses.
>I would prefer to keep the config as clean as possible and only rely on
>sane defaults.
I agree but this means we would depend on specific SSSD version to
provide full OTP experience. It may be good to be clear with that in
documentation instead of explicitly setting the option, though.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list