On Wed, 26 Feb 2014, Martin Kosek wrote:
On 02/26/2014 12:31 PM, Alexander Bokovoy wrote:
On Wed, 26 Feb 2014, Martin Kosek wrote:
Hello all,

I would like to discuss a proposal that Simo had on FreeIPA devel meeting.
Given permission/ACI refactoring that Petr3 is working on, people may have
issues with access to their LDAP if they played too much with the default ACIs
or if they expect that some information stays accessible in the new version. It
may not stay accessible we are removing the SUFFIX level all allowing ACIs and
creating custom read ACIs.

Bottom line is we need to do our best in making our users aware that there are
big changes in this version they need to be aware of. One way is to release a
new major release with appropriate release notes.

I support that move, I think we have enough big features planned to justify new
major release:

* Permissions/ACIs
* DNSSEC (hopefully)
* CA Certificate Management Tool
* Big Web UI face lift and refactoring
* ...
I agree. If we succeed with global catalog work, it would too be big
enough feature.

Right. Though in this particular case it would also fit in the 3.x line as it
would be actually completing our 3.x theme which is AD trust. It would add the
IPA -> AD part.
Technically it would be considerable change -- with new (cached) DS
instance and a specialized schema, etc.

/ Alexander Bokovoy

Freeipa-devel mailing list

Reply via email to