On 04/11/2013 01:26 PM, Petr Spacek wrote: > On 11.4.2013 13:24, Alexander Bokovoy wrote: >> On Thu, 11 Apr 2013, Petr Spacek wrote: >>> On 11.4.2013 13:09, Ana Krivokapic wrote: >>>> Integrate realmdomains with IPA DNS >>>> >>>> Add an entry to realmdomains when a DNS zone is added to IPA. Delete the >>>> related entry from realmdomains when the DNS zone is deleted from IPA. >>>> >>>> https://fedorahosted.org/freeipa/ticket/3544 >>> >>> I would add a TXT record as I described in >>> https://fedorahosted.org/freeipa/ticket/3544#comment:8 >>> >>> This integration probably should go to both commands, realmdomains-* >>> dnszone-*. >>> >>> Any objections? AB? >> Adding TXT record is probably harmless. >> >> I would actually add the TXT record creation only to realmdomains-* and >> trigger it only in case we manage our DNS and DNS zone is there. >> This way a hook from dnszone-add will trigger adding TXT record back (via >> call to >> realmdomains-mod --add and then TXT record addition from there). Also >> the fact that admin added manually some domain to realmdomains mapping >> means that it is implied to be used in obtaining TGTs, so TXT record is >> helpful there as well. > > Okay, it makes sense. We will see how it will work in reality. >
This whole patch and functionality should also be covered with unit tests... Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
