On 8.3.2017 10:30, Martin Babinsky wrote:
On Tue, Feb 28, 2017 at 01:29:50PM +0100, Martin Babinsky wrote:
Hello list,

I have put together a draft of design page describing server-side
implementation of user short name -> fully-qualified name resolution.[1]

In the end I have taken the liberty to change a few aspects of the design we
have agreed on before and I will be grad if we can discuss them further.

Me and Honza have discussed the object that should hold the domain resolution
order and given the fact that IPA domain can also be a part of this list, we
have decided that this information is no longer bound to trust configuration
and should be a part of the global config instead.

Also we have purposefully cut down the API only to a raw manipulation of the
attribute using an option of `ipa config-mod`. The reasons for this are
twofold:

 * the developer resources are quite scarce and it may be good to follow
YAGNI[2] principle to implement the dumbest API now and not to invest into
more high-level interface unless there is a demand for it

 * we can imagine that the manipulation of the domain resolution order is a
rare operation (ideally only once all trusts are established), so I am not
convinced that it is worth investing into designing higher-level API

I propose we first develop the "dumber" parts first to unblock the SSSD part.
If we have spare cycle afterwards then we can design and implement more
bells-and-whistles afterwards.

[1] https://www.freeipa.org/page/V4/AD_User_Short_Names
[2] https://en.wikipedia.org/wiki/You_aren%27t_gonna_need_it

--
Martin^3 Babinsky

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

I have updated the design page[1] and incorporated most of the comments from all
reviewers. The most dramatic change is that I have expanded the discussion by
the possibility for overriding global domain resolution order by ID
view-specific settings. I have also expanded How-To section accordingly.

Please try to review and comment during today as the window for development is
quickly closing.

LGTM.


[1] http://www.freeipa.org/page/V4/AD_User_Short_Names



--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to