[Freeipa-devel] [PATCH] 0017 Integrate realmdomains with IPA DNS
Petr Spacek
pspacek at redhat.com
Thu Apr 11 11:26:27 UTC 2013
On 11.4.2013 13:24, Alexander Bokovoy wrote:
> On Thu, 11 Apr 2013, Petr Spacek wrote:
>> On 11.4.2013 13:09, Ana Krivokapic wrote:
>>> Integrate realmdomains with IPA DNS
>>>
>>> Add an entry to realmdomains when a DNS zone is added to IPA. Delete the
>>> related entry from realmdomains when the DNS zone is deleted from IPA.
>>>
>>> https://fedorahosted.org/freeipa/ticket/3544
>>
>> I would add a TXT record as I described in
>> https://fedorahosted.org/freeipa/ticket/3544#comment:8
>>
>> This integration probably should go to both commands, realmdomains-*
>> dnszone-*.
>>
>> Any objections? AB?
> Adding TXT record is probably harmless.
>
> I would actually add the TXT record creation only to realmdomains-* and
> trigger it only in case we manage our DNS and DNS zone is there.
> This way a hook from dnszone-add will trigger adding TXT record back (via call to
> realmdomains-mod --add and then TXT record addition from there). Also
> the fact that admin added manually some domain to realmdomains mapping
> means that it is implied to be used in obtaining TGTs, so TXT record is
> helpful there as well.
Okay, it makes sense. We will see how it will work in reality.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list