[Freeipa-devel] Please review: V4/AD user short names design draft
Jan Cholasta
jcholast at redhat.com
Wed Mar 8 10:02:15 UTC 2017
On 8.3.2017 10:30, Martin Babinsky wrote:
> On Tue, Feb 28, 2017 at 01:29:50PM +0100, Martin Babinsky wrote:
>> Hello list,
>>
>> I have put together a draft of design page describing server-side
>> implementation of user short name -> fully-qualified name resolution.[1]
>>
>> In the end I have taken the liberty to change a few aspects of the design we
>> have agreed on before and I will be grad if we can discuss them further.
>>
>> Me and Honza have discussed the object that should hold the domain resolution
>> order and given the fact that IPA domain can also be a part of this list, we
>> have decided that this information is no longer bound to trust configuration
>> and should be a part of the global config instead.
>>
>> Also we have purposefully cut down the API only to a raw manipulation of the
>> attribute using an option of `ipa config-mod`. The reasons for this are
>> twofold:
>>
>> * the developer resources are quite scarce and it may be good to follow
>> YAGNI[2] principle to implement the dumbest API now and not to invest into
>> more high-level interface unless there is a demand for it
>>
>> * we can imagine that the manipulation of the domain resolution order is a
>> rare operation (ideally only once all trusts are established), so I am not
>> convinced that it is worth investing into designing higher-level API
>>
>> I propose we first develop the "dumber" parts first to unblock the SSSD part.
>> If we have spare cycle afterwards then we can design and implement more
>> bells-and-whistles afterwards.
>>
>> [1] https://www.freeipa.org/page/V4/AD_User_Short_Names
>> [2] https://en.wikipedia.org/wiki/You_aren%27t_gonna_need_it
>>
>> --
>> Martin^3 Babinsky
>>
>> --
>> Manage your subscription for the Freeipa-devel mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>> Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
>
> I have updated the design page[1] and incorporated most of the comments from all
> reviewers. The most dramatic change is that I have expanded the discussion by
> the possibility for overriding global domain resolution order by ID
> view-specific settings. I have also expanded How-To section accordingly.
>
> Please try to review and comment during today as the window for development is
> quickly closing.
LGTM.
>
> [1] http://www.freeipa.org/page/V4/AD_User_Short_Names
>
--
Jan Cholasta
More information about the Freeipa-devel
mailing list