On 7.2.2013 13:38, Sumit Bose wrote:
On Wed, Feb 06, 2013 at 06:27:26PM +0100, Ana Krivokapic wrote:

Below is a design page for ticket:

There are a couple of questions in the text.

about 'Do we also need to check if the domain is accessible through
DNS?' I think it would be good to print a warning that no SOA or NS
record was found for the domain. But I think there might be cases where
the domain is added to the realmdomains first and then the DNS zone is
created. So my suggestion would be either
- not fail and print a warning or
- fail but allow to skip the check with a --force option.
+1 for --force option

I added questions about interaction with "ipa dnszone-add" to design document:

Should dnszone-del delete associatedDomain when whole DNS zone is being deleted?

Should dnszone-add offer an option to create associatedDomain attribute for the new zone?

Petr^2 Spacek

I think you should discuss in 'Updates and Upgrades' if and how cn=Realm
Domains,cn=ipa,cn=etc,$SUFFIX is created during updates.


Thoughts, comments welcome!


Petr^2 Spacek

Freeipa-devel mailing list

Reply via email to