On 7.2.2013 13:38, Sumit Bose wrote:
On Wed, Feb 06, 2013 at 06:27:26PM +0100, Ana Krivokapic wrote:
Below is a design page for ticket:
There are a couple of questions in the text.
about 'Do we also need to check if the domain is accessible through
DNS?' I think it would be good to print a warning that no SOA or NS
record was found for the domain. But I think there might be cases where
the domain is added to the realmdomains first and then the DNS zone is
created. So my suggestion would be either
- not fail and print a warning or
- fail but allow to skip the check with a --force option.
+1 for --force option
I added questions about interaction with "ipa dnszone-add" to design document:
Should dnszone-del delete associatedDomain when whole DNS zone is being deleted?
Should dnszone-add offer an option to create associatedDomain attribute for
the new zone?
I think you should discuss in 'Updates and Upgrades' if and how cn=Realm
Domains,cn=ipa,cn=etc,$SUFFIX is created during updates.
Thoughts, comments welcome!
Freeipa-devel mailing list