On Mon, 12 Dec 2011, Rob Crittenden wrote: > Alexander Bokovoy wrote: > >Hi, > > > >I'm working on ticket #1821 to introduce FreeIPA 3.0 AD trusts > >management CLI and GUI. It is quite apparent that most of management > >commands will be similar to all future trust types (AD, IPA, etc), > >thus, it makes sense to develop a generalized `ipa trust' family of > >commands that would apply to all types of trusts. > > > >Let's start with CLI. Below is a first cut at how I see trust > >management command line interface. Comments, corrections, and critique > >are all welcomed. > > > >One of FreeIPA v3.0 major features will be support for cross-realm > >trusts with the emphasis on trusts to Active Directory domains. This > >documents attempts to design a common interface for managing trusts > >with FreeIPA tools (command line and GUI). > > > >`ipa trust' > >=========== > > > >`ipa trust' is a common family of operations on trusts. Trusts can be: > > * created (ipa trust-add) > > * listed (ipa trust-find) > > * viewed (ipa trust-show) > > * removed (ipa trust-del) > modified? What can me modify once trust is established? I was unsure in it and decided removing trust and re-creating is simpler.
> ipa-adtrust-install runs as root and needs to do things that the IPA > server can't do. Not really -- see my answer to Simo. -- / Alexander Bokovoy _______________________________________________ Freeipa-devel mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-devel