Hi,

I need your feedback on a problem with implementing the topology plugin: marking an replication agreement, this seems to be a never ending story


We want o mark an agreement when it is creqated by the plugin or put under control of the plugin by raising the domain level. The first idea was to rename the agreement, but this failed because DS does not support MODRDN on the cn=config backend and on second thought using a naming convetion on the rdn of the agreement entry seems to be not the best idea. The next approach was to use an attribute in the the agreement itself, and I just used description, which is multivalued and I added a description value "managed agreement ....". This works, but didn't get Simo's blessing and we agreed just to add a new objectclass "ipaReplTopoManagedAgreement", which could be used without extenting the core replication schema. I think this is the best solution, but unfortunately it fails. replication code is called when an agreement is modified and it accepts only modifications for a defined set of replication agreement attributes - other mods are rejected with UNWILLING_TO_PERORM.

I think we could enhance DS to accept a wider range of changes to the replication agreement (it already does it for winsync agreements), but this would add a new dependency on a specific DS version where this change is included.


Do you think this dependency is acceptable (topology plugin is targeted to 4.2) ? or do we need to find another clever solution or use the not so nice "description" way ?

Thanks,
Ludwig

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to