On 02/10/2011 07:25 PM, David O'Brien wrote: > Dmitri Pal wrote: >> On 02/10/2011 03:05 PM, Jakub Hrozek wrote: >>> On 02/10/2011 05:12 PM, Rob Crittenden wrote: >>>> But what other roles do we need? The mind boggles and rather than >>>> dictating what the initial ones will be I'm looking for some >>>> guidance/suggestions. >>>> >>>> thanks >>>> >>>> rob >>> I'm actually wondering if we need to define many default roles in the >>> upstream project. I'm thinking that every organization will have >>> different needs and different ways of role delegation anyway, so I >>> would rather make sure this feature is well documented with examples >>> and use cases. >>> >>> _______________________________________________ >>> Freeipa-devel mailing list >>> Freeipaemail@example.com >>> https://www.redhat.com/mailman/listinfo/freeipa-devel >> >> I think that a reasonble set of 3 -5 roles and documentation how to >> change them should be sufficient. >> > I agree. On top of what Dmitri has already sent out, this thread is a > really good continuation of documenting delegation, permissions, > roles, etc., especially because this area is so different from v1. If > we look at it from two perspectives, one being What does IPA need to > function?, and the other being What do customers need?, then we can > probably come up with a short list and provide some basic use cases, > descriptions, and examples. > > Dmitri's list of 5 is good, although I would suggest settling on a > naming format, by which I mean rather than a combination of > person-based and role-based names, use a consistent format. Security > Architect & IPA Administrator are people (faiap), while Helpdesk is a > department. Anyway, you get the idea. > > We've already started with Name, Description, Goals; with a few use > cases I can put together short sections with links to existing docs on > how to use the relevant commands, or write them as needed. > > cheers Sounds like a good idea.
-- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel