On Tue, 05 Apr 2011 17:59:21 +0200
Martin Kosek <mko...@redhat.com> wrote:

> > I'm starting to think that the dnsrecord should not be a separate
> > entity exposed by the CLI, but instead should be wrapped up into
> > the dnszone entity.  That seems to be how the LDAP object is
> > defined.  We treat each record type as a multi-value field, and we
> > use a consistant look and feel as  email addresses and phone
> > numbers in the user object.  Then, modifying an A record is the
> > same as modifing a phone number:  us add-attr/set-addr for each
> > valu.
> >
> > Step one would be to modify the dns zone object to have this API,
> > and to mark the dnsrecord object as deprecated.  We can leave it
> > for the remainder of the release, and remove it in 3.0  
> In LDAP, we have an object for the zone with Object Classes idnszone
> and idnsrecord (e.g. example.com). Then there are LDAP objects
> representing DNS records (e.g. www) with OC idnsrecord with the DNS
> zone object as a parent. Both DNS zone and DNS record objects can
> contain the actual DNS resource records as its attributes (e.g.
> attribute srvRecord or aRecord).
> I think the current dns plugin reflects this structure well by having
> commands for both dnszone and dnsrecords. We need both objects for
> managing DNS.

I strongly agree with Martin.


Simo Sorce * Red Hat, Inc * New York

Freeipa-devel mailing list

Reply via email to