[Freeipa-devel] [PATCH] 0203 adtrust: remove ipanttrustpartner parameter
Alexander Bokovoy
abokovoy at redhat.com
Mon Jun 6 11:14:13 UTC 2016
On Mon, 06 Jun 2016, Martin Basti wrote:
>
>
>On 06.06.2016 12:36, Alexander Bokovoy wrote:
>>Hi,
>>
>>MS-ADTS spec requires that TrustPartner field should be equal to the
>>commonName (cn) of the trust. We used it a bit wrongly to express
>>trust relationship between parent and child domains. In fact, we
>>have parent-child relationship recorded in the DN (child domains
>>are part of the parent domain's container).
>>
>>Remove the argument that was never used externally but only supplied by
>>trust-specific code inside the IPA framework.
>>
>>Part of https://fedorahosted.org/freeipa/ticket/5354
>>
>>
>>
>
>Hello, how is handled backward compatibility here, you just removes
>the option from API, without any additional logic for older clients.
This is not used by the external clients at all. It is part of internal
logic of the code in trust.py+com.redhat.trust.fetch-domains which
always talk to the same server they are running on.
@register()
class trustdomain_add(LDAPCreate):
__doc__ = _('Allow access from the trusted domain')
NO_CLI = True
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list