[Freeipa-devel] [PATCH] 773-777 ranges: prohibit setting --rid-base with ipa-trust-ad-posix type
Petr Vobornik
pvoborni at redhat.com
Wed Oct 15 12:20:21 UTC 2014
ticket: https://fedorahosted.org/freeipa/ticket/4221
== [PATCH] 773 ranges: prohibit setting --rid-base with
ipa-trust-ad-posix type ==
We should not allow setting --rid-base for ranges of ipa-trust-ad-posix
since we do not perform any RID -> UID/GID mappings for these ranges
(objects have UID/GID set in AD). Thus, setting RID base makes no sense.
Since ipaBaseRID is a MUST in ipaTrustedADDomainRange object class,
value '0' is allowed and used internally for 'ipa-trust-ad-posix' range
type.
No schema change is done.
== [PATCH] 774 unittests: baserid for ipa-ad-trust-posix idranges ==
== [PATCH] 775 ldapupdater: set baserid to 0 for ipa-ad-trust-posix
ranges ==
New updater plugin which sets baserid to 0 for ranges with type
ipa-ad-trust-posix
https://fedorahosted.org/freeipa/ticket/4221
== [PATCH] 776 idrange: include raw range type in output ==
iparangetype output is a localized human-readable value which is not
suitable for machine-based API consumers
Solved by new iparangetyperaw output attribute which contains
iparangetype's raw value
Note: I don't like this approach. It would be better to return just the
raw value a do the transformation in clients. But we do have a
precedent:
http://www.redhat.com/archives/freeipa-devel/2012-January/msg00190.html
== [PATCH] 777 webui: prohibit setting rid base with ipa-trust-ad-posix
type ==
Base RID is no longer editable for ipa-trust-ad-posix range type
Adder dialog:
- Range type selector was moved up because it affects a field above it
Details page:
- Only fields relevant to range's type are visible
https://fedorahosted.org/freeipa/ticket/4221
--
Petr Vobornik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0777-webui-prohibit-setting-rid-base-with-ipa-trust-ad-po.patch
Type: text/x-patch
Size: 5410 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141015/01ceb2e3/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0776-idrange-include-raw-range-type-in-output.patch
Type: text/x-patch
Size: 4486 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141015/01ceb2e3/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0775-ldapupdater-set-baserid-to-0-for-ipa-ad-trust-posix-.patch
Type: text/x-patch
Size: 4524 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141015/01ceb2e3/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0774-unittests-baserid-for-ipa-ad-trust-posix-idranges.patch
Type: text/x-patch
Size: 13048 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141015/01ceb2e3/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0773-ranges-prohibit-setting-rid-base-with-ipa-trust-ad-p.patch
Type: text/x-patch
Size: 4757 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141015/01ceb2e3/attachment-0004.bin>
More information about the Freeipa-devel
mailing list