[Freeipa-devel] topology plugin - again need for input

[Ludwig Krispenz]

On 03/18/2015 02:28 PM, Simo Sorce wrote:
> On Wed, 2015-03-18 at 12:18 +0100, Ludwig Krispenz wrote:
>> Hi,
>>
>> I need your feedback on a problem with implementing the topology plugin:
>> marking an replication agreement, this seems to be a never ending story
>>
>> We want o mark an agreement when it is creqated by the plugin or put
>> under control of the plugin by raising the domain level.
>> The first idea was to rename the agreement, but this failed because DS
>> does not support MODRDN on the cn=config backend and on second thought
>> using a naming convetion on the rdn of the agreement entry seems to be
>> not the best idea.
>> The next approach was to use an attribute in the the agreement itself,
>> and I just used description, which is multivalued and I added a
>> description value "managed agreement ....".
>> This works, but didn't get Simo's blessing and we agreed just to add a
>> new objectclass "ipaReplTopoManagedAgreement", which could be used
>> without extenting the core replication schema.
>> I think this is the best solution, but unfortunately it fails.
>> replication code is called when an agreement is modified and it accepts
>> only modifications for a defined set of replication agreement attributes
>> - other mods are rejected with UNWILLING_TO_PERORM.
>>
>> I think we could enhance DS to accept a wider range of changes to the
>> replication agreement (it already does it for winsync agreements), but
>> this would add a new dependency on a specific DS version where this
>> change is included.
>>
>>
>> Do you think this dependency is acceptable (topology plugin is targeted
>> to 4.2) ? or do we need to find another clever solution or use the not
>> so nice "description" way ?
> A dependency on a specific version of DS is just fine IMO.
thanks, I'll enhance DS then
Ludwig
>
> Simo.
>