On 07/23/2013 04:31 PM, Simo Sorce wrote: > On Tue, 2013-07-23 at 16:11 +0300, Alexander Bokovoy wrote: >> On Tue, 23 Jul 2013, Simo Sorce wrote: >>> On Thu, 2013-07-18 at 18:37 +0300, Alexander Bokovoy wrote: >>>> Hi! >>>> >>>> Attached patches make possible to use HTTP/ipa.server@REALM to query AD >>>> DC over LDAP immediately after trust is established. We need this to get >>>> range discovery working prior to creating range for trusted domain. >>>> >>>> The patch 0109 makes KDC hostname cached on ipadb context to avoid >>>> resolving own hostname multiple times. >>>> >>>> The patch 0110 depends on ulc_casemap patches by Nathaniel and makes >>>> exception for HTTP/ipa.server@REALM when TGT is requested and MS-PAC is >>>> asked for -- we force refreshing list of trusted domains here. >>>> >>>> More details are available in the commit logs. >>> >>> I do not think that changing reinit interval is the right thing to do. >>> >>> I would rather pass a boolean that tells reinit to check if we have any >>> trust info, and if not unconditionally try to reinit immediately. >>> >>> I see that you treat the interval sort of like a boolean but then you >>> just race hoping the previous reload w/o trust info happened more than 1 >>> second earlier. >>> >>> I think and explicit "bool force_reload" flag would be much clearer. >>> >>> Otherwise ack. >> Attached is modified patch that uses 'bool force_reinit' (as function is >> called ipadb_reinit_mspac). >> >> I tested it together with updated Tomas patch 0076 which relies on these >> patches so I'm going to commit whole set together. > > LGTM, please proceed. > > Simo.
Just to close this thread - patch was pushed to master. Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
