On Mon, Jul 13, 2015 at 03:12:13PM +0200, Petr Spacek wrote: > > Personally-opinionated-NACK. > > I would like to avoid advertising --force options when possible. --force > should not be necessary in proper setups and advertising it will make people > to use it instead of fixing underlying problems.
How do you propose for things to work when the host is pre-created (with --random) and the service should be pre-created, and then IP address will only be set by the machine itself when it IPA-enrolls with the OTP? > Can we *please* drop this patch? Does your nack go against this patch (code change), or against the ticket https://fedorahosted.org/freeipa/ticket/3959 itself? Frankly, I don't really understand why service-add checks for the DNS record at all. DNS is a property of host, not service. Yes, it might be nice to advise the user that they do not have DNS record for the host but the current ipa: ERROR: Host does not have corresponding DNS A record is just bad user experience. Do you propose to change that ERROR to warning, for example, relaxing the requirement for the DNS records being present? -- Jan Pazdziora Senior Principal Software Engineer, Identity Management Engineering, Red Hat -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code