[Freeipa-users] Auto membership plugin
Nathan Kinder
nkinder at redhat.com
Wed Mar 30 14:39:32 UTC 2011
On 03/30/2011 06:00 AM, Dmitri Pal wrote:
> Hello,
>
> Please find the design for the auto membership plugin:
> https://fedorahosted.org/freeipa/ticket/753
> Here: http://directory.fedoraproject.org/wiki/Auto_Membership_Design
>
> I have some comments and questions:
> 1) Is the AND functionality for inclusion criteria required?
I'm not sure. Is there a use case for it?
> 2) How the attributes are escaped? Do they need to? Probably there will
> be cases when they should be escaped
Where exactly are you thinking that they need to be escaped? Why do you
think they might need to be escaped?
> 3) Parsing pairs in the value as a bit of overhead. I wonder if there is
> any way to avoid it?
Do you mean parsing the pair contained in the "autoMemberGroupingAttr"
attribute in the config definition entry? This will only be parsed when
the definition entry is loaded at startup or when it is modified. It
would be stored in a different form that is more efficient to use when
we actually need to perform auto membership operations.
-NGK
> 4) I have concerns about the UI and CLI, do you see any good ways to
> mange such entries?
>
More information about the Freeipa-users
mailing list