On 05/19/2015 03:56 PM, Tomas Babej wrote: > > > On 05/19/2015 03:51 PM, Martin Kosek wrote: >> On 05/19/2015 03:49 PM, Ludwig Krispenz wrote: >>> On 05/19/2015 03:36 PM, Martin Kosek wrote: >>>> On 05/19/2015 03:22 PM, Tomas Babej wrote: >>>> ... >>>>>> 3) Domain level is just a single integer and it should be treated as >>>>>> such, >>>>>> there's no need for an LDAPObject plugin and other unnecessary >>>>>> complexities. >>>>>> The implemetation could be as simple as (from top of my head, untested): >>>>> That's right, I also considered this approach, but as far as I know you do >>>>> not >>>>> get the permission handling for the global DomainLevel entry otherwise. >>>>> >>>>> Ludwig, I changed the path for the global entry to cn=DomainLevel. >>>> I know this particular DN was added to the design by Simo, but why do we >>>> want >>>> to use CamelCase with LDAP object? >>>> >>>> Wouldn't "cn=Domain Level,cn=ipa,cn=etc,SUFFIX" be a better place for it? >>>> This >>>> is the last time we can change it, so I am asking now. Then, we will be >>>> stuck >>>> with this DN forever. >>> I don't mind using ""cn=Domain Level" , >>> >>> but where does the entry live, here you say >>> >>> cn=Domain Level,cn=ipa,cn=etc,SUFFIX" >>> >>> and in the design page it is: >>> >>> cn=DomainLevel,cn=etc,SUFFIX >>> >>> The current version of the topology plugin is looking for >>> >>> cn=DomainLevel,cn=ipa,cn=etc,SUFFIX" >>> but I want to change it to do a search on objectclass=ipaDomainLevelConfig >> I see - we all need to unify the location apparently. I updated the design >> page >> to use "cn=Domain Level,cn=ipa,cn=etc,SUFFIX". Tomas, please send the updated >> patch set, it should be an extremely simple change :-) > > I prefer the ipa parent and the space in the name, so I'm glad we could agree > on this without much bikeshedding. > > Updated patch attaced. > > Tomas > >
I still see +# Create default Domain Level entry if it does not exist +dn: cn=DomainLevel,cn=ipa,cn=etc,$SUFFIX +default: objectClass: top +default: objectClass: nsContainer +default: objectClass: ipaDomainLevelConfig +default: ipaDomainLevel: 0 ... -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code