On 4.6.2014 08:44, Martin Kosek wrote:
On 06/04/2014 08:34 AM, Martin Kosek wrote:
This is really good proposal! Scroll down to see three nit picks:
^^^ I would like to see this under "Authentication". Nowaways it is used to
authenticate machines and it will be extended to user authentication as soon
as Smart Card support is added.
- Host groups
- OTP Tokens
- Password Policy
- Kerberos Ticket Policy
- SELinux User Maps
Alternatively, we could rename Policy to "Authorization" as both HBAC and
SELinux is about authorizing what an authenticated user can do. We would just
need to move Automember to different place, though this one is difficult - it
relates both to Users and Hosts, just like Netgroup.
- Trust configuration
- (future) Views
- (future) Replication topology
^^^ Personally, I would place it under "IPA Configuration".
^^^ Why is Vault under "Infrastructure"? It sounds like "Authentication" to
me. It is meant to store plain-text passwords etc., no?
- (future) Vault
It seems that I'm proposing to reduce "Infrastructure" to "DNS". We can move
DNS somewhere or make DNS top-level item until we get DHCP or something similar.
This also opens the question if DNS management is really the right business
for us :-) I'm personally not sure :-)
^^^ Can it be "IPA configuration" or something like that? Just "Configuration"
seems too vague to me. After all, everything in the UI is some kind of
- Access Control (RBAC)
- Realm Domains
- ID Ranges
Freeipa-devel mailing list