On Mon, Dec 06, 2010 at 11:43:36AM -0500, Rob Crittenden wrote: > What if we do both? Use the one provided by the KDC if it exists > otherwise fall back to our own?
Then you're basically depending on me getting the generated LDIF right every time. I haven't previously done much validation of the result, and it turns out that I missed a couple of syntax problems during the initial import for Fedora's branch for 1.9. If we can spot any problems in that LDIF quickly enough when the krb5 package gets updated, then we'll probably be fine, otherwise I'd be worried about unintentionally breaking IPA. Up to you, I guess. Nalin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
