[Freeipa-devel] LDAP updater with --test option
Martin Basti
mbasti at redhat.com
Thu Jul 24 15:14:58 UTC 2014
Hi list,
maybe I missed something, but I expected, there are no modifications
with this option.
With --test option the LDAP schema is not updated, but update plugins
don't care about --test option ('live_run' in code).
Update plugins use and IPA api directly to modify LDAP instead of return
a required changes
(DNS, update_idranges, update_managed_permissions, update_pacs,
update_services plugins).
Am wrong, or it is bad behavior and plugin should be fixed to not
execute any modifications in test mode?
Next Q: I have method which prepares IPA to support DNSSEC. The method
requires both updating LDAP and creating directories/keytabs/etc.
Should I separate the LDAP part of update method, or can I use it all in
ldap-updater?
--
Martin Basti
More information about the Freeipa-devel
mailing list