On Wed, 2015-05-27 at 13:57 +0200, Jan Cholasta wrote:
> >>
> >>    ipa config-mod --enable-kdcproxy=TRUE
> >>    ipa config-mod --enable-kdcproxy=FALSE
> 
> I don't like this approach, as it is completely inconsistent with
> every 
> other optional component. There should be *one* way to handle them
> and 
> there already is one, no need to reinvent the wheel.

Sorry Jan, but this is really the correct approach.

We want a boolean in LDAP to control whether the IPA Domain allows
proxying or not, the code is embedded in the overall framework and has
no need for explicit install/uninstall unlike the CA or DNS components.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to