[Freeipa-devel] FreeIPA 3.4 -> 4.0
Alexander Bokovoy
abokovoy at redhat.com
Wed Feb 26 11:42:29 UTC 2014
On Wed, 26 Feb 2014, Martin Kosek wrote:
>On 02/26/2014 12:31 PM, Alexander Bokovoy wrote:
>> On Wed, 26 Feb 2014, Martin Kosek wrote:
>>> Hello all,
>>>
>>> I would like to discuss a proposal that Simo had on FreeIPA devel meeting.
>>> Given permission/ACI refactoring that Petr3 is working on, people may have
>>> issues with access to their LDAP if they played too much with the default ACIs
>>> or if they expect that some information stays accessible in the new version. It
>>> may not stay accessible we are removing the SUFFIX level all allowing ACIs and
>>> creating custom read ACIs.
>>>
>>> Bottom line is we need to do our best in making our users aware that there are
>>> big changes in this version they need to be aware of. One way is to release a
>>> new major release with appropriate release notes.
>>>
>>> I support that move, I think we have enough big features planned to justify new
>>> major release:
>>>
>>> * Permissions/ACIs
>>> * OTP
>>> * DNSSEC (hopefully)
>>> * CA Certificate Management Tool
>>> * Big Web UI face lift and refactoring
>>> * ...
>> I agree. If we succeed with global catalog work, it would too be big
>> enough feature.
>
>Right. Though in this particular case it would also fit in the 3.x line as it
>would be actually completing our 3.x theme which is AD trust. It would add the
>IPA -> AD part.
Technically it would be considerable change -- with new (cached) DS
instance and a specialized schema, etc.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list