* Find, filter and copy hand-made records from main tree into the
<tt>_locations</tt> sub-trees. This means that every hand-made record
needs to be copied and synchronized N-times where N = number of IPA
locations.
This ^^ seem the one that provides the best semantics for admins and the
least unexpected results.
My favorite option for the first version is 'document that enabling
DNS location will hide hand-made records in IPA domain.'
I do not think this is acceptable, sorry.
The feature is disabled by default and needs additional configuration
anyway so simply upgrading should not break anything.
It is also useless this way.
I'm eager to hear opinions and answers to questions above.
Well it does not help because you did not answer the questions listed in the
design page.
Anyway, here is third version of the design. It avoids copying user-made
records (basically 2 DNAMEs were replaced with bunch of CNAMEs):
http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Design_.28Version_3:_CNAME_per_service_name.29
It seems like a good middle ground:
http://www.freeipa.org/page/V4/DNS_Location_Mechanism#Comparison_of_proposals
It does seem like a decent middle ground.
And I guess an admin would be able to add custom templates if he wants
to have specific services forwarded to the location specific subtree ?

Yes, the bind-dyndb-ldap's RecordGenerator and PerServerConfigInLDAP are
generic enough. At the moment we do not plan to expose these mechanisms in
user interface, we might do that later on.

This required changes in RecordGenerator design, too:
https://fedorahosted.org/bind-dyndb-ldap/wiki/Design/RecordGenerator
I do not see where you specify the specific record names you forward to
the location trees here?

I do not understand the question. Let's have a look at the example:

# DN specifies DNS node name which will hold the generated record:
dn: idnsName=_udp,idnsname=example.com.,cn=dns,dc=example,dc=com
# this is equivalent to _udp.example.com.

objectClass: idnsTemplateObject
objectClass: top
objectClass: idnsRecord
idnsName: _udp

# sub-type determines type of the generated record = DNAME
# generated value will be _udp.your-location._locations
# it is a relative name so zone name (example.com) will be automatically 

The template is just string, so you can specify an absolute name if you want:

Of course 'ipalocation' is just a variable name so user can define his own in

Is it clearer now?

Also, CLI was updated to follow Honza's recommendations from previous 
e-mails:
http://www.freeipa.org/page/V4/DNS_Location_Mechanism#CLI
Thanks for updating all designs in concert.
