On Aug 2, 2011, at 5:55 AM, "Rob Crittenden" <rcrit...@redhat.com> wrote:
> JR Aquino wrote:
>> I am fairly opposed to removing 'default' attrs which the rules are applied 
>> to...  I am happy to provide a means to override them.
>> While it may be second nature for all of us to know that there is an fqdn 
>> attribute, etc, our consumers are likely not going to intrinsically know our 
>> schema.  We also deliberately mask the real attribute names in the 
>> framework. (fqdn = Host name)
>> Providing a default feels like a happy medium which allows for ease of use 
>> and somewhat of a safety belt against users defining an incorrect attribute 
>> name.
>> It also might get somewhat tiring to constantly provide --key=fqdn every 
>> time you add a hostname regex?
> Ok, but when you display rules fqdn is displayed. How are users to know
> they shouldn't include fqdn= when removing existing rules?

I guess my preference would be to heavily document, in the example, the plugin, 
and the docs...

My concern is that without a default, a typo in the attr would produce 
unintended results.  Without a schema checker, it's kinda tough to take an attr 
at face value from a user.  Does the python ldap implementation have a means to 
check schema in order to verify an attribute?

The design of the automember pluginhHaving the attr in the Regex does make for 
some complexity.... 

Freeipa-devel mailing list

Reply via email to