On 02/10/2011 07:25 PM, David O'Brien wrote:
> Dmitri Pal wrote:
>> On 02/10/2011 03:05 PM, Jakub Hrozek wrote:
>>> On 02/10/2011 05:12 PM, Rob Crittenden wrote:
>>>> But what other roles do we need? The mind boggles and rather than
>>>> dictating what the initial ones will be I'm looking for some
>>>> guidance/suggestions.
>>>> thanks
>>>> rob
>>> I'm actually wondering if we need to define many default roles in the
>>> upstream project. I'm thinking that every organization will have
>>> different needs and different ways of role delegation anyway, so I
>>> would rather make sure this feature is well documented with examples
>>> and use cases.
>>> _______________________________________________
>>> Freeipa-devel mailing list
>>> Freeipa-devel@redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>> I think that a reasonble set of 3 -5 roles and documentation how to
>> change them should be sufficient.
> I agree. On top of what Dmitri has already sent out, this thread is a
> really good continuation of documenting delegation, permissions,
> roles, etc., especially because this area is so different from v1. If
> we look at it from two perspectives, one being What does IPA need to
> function?, and the other being What do customers need?, then we can
> probably come up with a short list and provide some basic use cases,
> descriptions, and examples.
> Dmitri's list of 5 is good, although I would suggest settling on a
> naming format, by which I mean rather than a combination of
> person-based and role-based names, use a consistent format. Security
> Architect & IPA Administrator are people (faiap), while Helpdesk is a
> department. Anyway, you get the idea.
> We've already started with Name, Description, Goals; with a few use
> cases I can put together short sections with links to existing docs on
> how to use the relevant commands, or write them as needed.
> cheers
Sounds like a good idea.

Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.

Looking to carve out IT costs?

Freeipa-devel mailing list

Reply via email to