On 7.2.2013 13:38, Sumit Bose wrote:
On Wed, Feb 06, 2013 at 06:27:26PM +0100, Ana Krivokapic wrote:
Hello,

Below is a design page for ticket:
https://fedorahosted.org/freeipa/ticket/2945.

There are a couple of questions in the text.

about 'Do we also need to check if the domain is accessible through
DNS?' I think it would be good to print a warning that no SOA or NS
record was found for the domain. But I think there might be cases where
the domain is added to the realmdomains first and then the DNS zone is
created. So my suggestion would be either
- not fail and print a warning or
- fail but allow to skip the check with a --force option.
+1 for --force option

I added questions about interaction with "ipa dnszone-add" to design document:
http://www.freeipa.org/page/V3/Realm_Domains

Should dnszone-del delete associatedDomain when whole DNS zone is being deleted?

Should dnszone-add offer an option to create associatedDomain attribute for the new zone?

Petr^2 Spacek

I think you should discuss in 'Updates and Upgrades' if and how cn=Realm
Domains,cn=ipa,cn=etc,$SUFFIX is created during updates.

bye,
Sumit

Thoughts, comments welcome!

http://www.freeipa.org/page/V3/Realm_Domains

--
Petr^2 Spacek

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to