[Freeipa-devel] [DESIGN] IPA client in AD DNS domain
Simo Sorce
simo at redhat.com
Tue May 24 13:18:11 UTC 2016
On Tue, 2016-05-24 at 10:44 +0300, Alexander Bokovoy wrote:
> >Alternative technical approach is to add aliases to an host's
> attribute and
> >use it from there. I suspect that this would be less flexible and
> less
> >future-proof.
> I don't see a need for alias-as-a-property. Instead, I'm interested in
> having a possibility to have different keys, certificates, etc, on
> objects used as aliases. This improves security position by splitting
> the manager and the user of the resource.
Can you elaborate on this ?
Are you misusing the "alias" word here to just mean "host that have
multiple identities" like clusters/load ballancers/proxies etc... ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list