On 4.6.2014 09:37, Petr Spacek wrote:
On 4.6.2014 08:44, Martin Kosek wrote:
On 06/04/2014 08:34 AM, Martin Kosek wrote:
...
This is really good proposal! Scroll down to see three nit picks:
Users
- Users
- Groups
- SUDO
Hosts
- Hosts
- Host groups
- Services
- Netgroups
- Automount
Authentication
- OTP Tokens
- Password Policy
- Kerberos Ticket Policy
Policy
- HBAC
- SELinux User Maps
- Automember
Alternatively, we could rename Policy to "Authorization" as both HBAC and
SELinux is about authorizing what an authenticated user can do. We
would just
need to move Automember to different place, though this one is
difficult - it
relates both to Users and Hosts, just like Netgroup.
Trusts
- Trust configuration
- Trusts
- (future) Views
Infrastructure
- Certificates
^^^ I would like to see this under "Authentication". Nowaways it is used
to authenticate machines and it will be extended to user authentication
as soon as Smart Card support is added.
- DNS
- (future) Replication topology
^^^ Personally, I would place it under "IPA Configuration".
- (future) Vault
^^^ Why is Vault under "Infrastructure"? It sounds like "Authentication"
to me. It is meant to store plain-text passwords etc., no?
It seems that I'm proposing to reduce "Infrastructure" to "DNS". We can
move DNS somewhere or make DNS top-level item until we get DHCP or
something similar.
I would rather avoid having a temporary top-level item.
This also opens the question if DNS management is really the right
business for us :-) I'm personally not sure :-)
Configuration
^^^ Can it be "IPA configuration" or something like that? Just
"Configuration" seems too vague to me. After all, everything in the UI
is some kind of configuration :-)
We can leave the old "IPA Server" name. I agree that "Replication
topology" could be here because it configures the tool and not the data,
similar to other items under this category. But I think that many users
would try to find it in infrastructure.
- Global
- Access Control (RBAC)
- Realm Domains
- ID Ranges
--
Petr Vobornik
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
