On 7.2.2013 13:38, Sumit Bose wrote:
On Wed, Feb 06, 2013 at 06:27:26PM +0100, Ana Krivokapic wrote:
Hello,
Below is a design page for ticket:
https://fedorahosted.org/freeipa/ticket/2945.
There are a couple of questions in the text.
about 'Do we also need to check if the domain is accessible through
DNS?' I think it would be good to print a warning that no SOA or NS
record was found for the domain. But I think there might be cases where
the domain is added to the realmdomains first and then the DNS zone is
created. So my suggestion would be either
- not fail and print a warning or
- fail but allow to skip the check with a --force option.
+1 for --force option
I added questions about interaction with "ipa dnszone-add" to design document:
http://www.freeipa.org/page/V3/Realm_Domains
Should dnszone-del delete associatedDomain when whole DNS zone is being deleted?
Should dnszone-add offer an option to create associatedDomain attribute for
the new zone?
Petr^2 Spacek
I think you should discuss in 'Updates and Upgrades' if and how cn=Realm
Domains,cn=ipa,cn=etc,$SUFFIX is created during updates.
bye,
Sumit
Thoughts, comments welcome!
http://www.freeipa.org/page/V3/Realm_Domains
--
Petr^2 Spacek
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
