[Freeipa-users] Propose FreeIPA theses: IPA support for sites
Dmitri Pal
dpal at redhat.com
Fri Mar 7 15:12:43 UTC 2014
On 03/06/2014 10:55 AM, Petr Spacek wrote:
> On 6.3.2014 14:32, Petr Spacek wrote:
>> now it is the right time to propose topics for theses in the next
>> university
>> year.
>
> I propose "[RFE] IPA should support and manage DNS sites"
> https://fedorahosted.org/freeipa/ticket/2008
>
> It is rotting in the backlog and we are not going to touch it any time
> soon.
>
> There is very low amount of 'theory' behind it but IMHO it is complex
> enough:
> - Some theoretical analysis of our proposal sounds like a good idea.
> We don't know if it is the best way or not.
> - Some testing with various *real* non-SSSD clients will be helpful.
> - Analysis how this can work with DNSSEC will be helpful.
> - This feature needs API/CLI/UI design. It is not clear how the
> workflow should look like etc.
> - Support for roaming clients (in bind-dyndb-ldap) is missing.
>
> The scope can be changed as necessary.
>
We need to check if those are still relevant
*
https://thesis-managementsystem.rhcloud.com/topic/show/179/java-loginmodule-using-gssapi
<- I heard JBoss guys are fixing it
* We are talking to Mongo about this:
https://thesis-managementsystem.rhcloud.com/topic/show/95/gssapi-auth-plugin-for-mongodb-
I would consider pushing it lower in priority
* Is this still not implemented:
https://thesis-managementsystem.rhcloud.com/topic/show/14/support-the-native-ipa-sudo-schema-
?
* Is this really needed any more?
https://thesis-managementsystem.rhcloud.com/topic/show/13/document-the-internals-of-libldb-and-create-an-example-module-and-example-back-end
It looks like Yassir's document covers a lot.
* This
https://thesis-managementsystem.rhcloud.com/topic/show/12/implement-support-for-additional-maps-for-the-sssd-fast-cache
is still relevant but not a super high priority.
* It is unclear whether this is needed any more:
https://thesis-managementsystem.rhcloud.com/topic/show/11/implement-3rd-party-id-mapper-in-sssd-
seems like people can either use existing mapper (green field case) or
already have UID/GID that they need to put into the central server.
* This one is taken:
https://thesis-managementsystem.rhcloud.com/topic/show/10/create-openlmi-provider-for-management-of-the-client-components
right?
*
https://thesis-managementsystem.rhcloud.com/topic/show/7/central-management-of-automount-locations-in-freeipa
- does not seem like something worth time
* This one would be really nice:
https://thesis-managementsystem.rhcloud.com/topic/show/6/reporting-capability-in-freeipa
* And this one would be nice too:
https://thesis-managementsystem.rhcloud.com/topic/show/5/time-based-account-policies-in-freeipa
Here are couple more IPA ones that came to mind:
https://fedorahosted.org/freeipa/ticket/4008
https://fedorahosted.org/freeipa/ticket/3656
https://fedorahosted.org/freeipa/ticket/4062
https://fedorahosted.org/freeipa/ticket/1225 <- came up 3 times during
this week (registering external certs, uploading XML token files etc.)
May be it is a special IPA command like: ipa upload-and-run that would
use scp to copy file to the server and then call a command on the server
side using this file. Details need to be worked out.
On SSSD side I used a keyword to try to group all the tickets related to
the state/status/health of SSSD.
Here is what I got:
https://fedorahosted.org/sssd/query?status=assigned&status=new&status=reopened&keywords=~Status&col=id&col=summary&col=keywords&col=status&col=owner&col=type&col=priority&col=milestone&order=priority
most in 1.13 so too soon but still there may be some work we can offer.
GNOME Keyring work
https://fedorahosted.org/sssd/ticket/2221
https://fedorahosted.org/sssd/ticket/2222
UID/GID solution
https://fedorahosted.org/sssd/ticket/1715
Chaining access providers:
https://fedorahosted.org/sssd/ticket/1326
One can dig more into 14-15 releases to see if there is anything else
worth looking into.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list