Hi Winfried,
On to, 06 heinä 2017, Winfried de Heiden via FreeIPA-users wrote:
Hi all,
There's a nice litle article on http://www.freeipa.org/page/V3/Multiten
ancy:
Multi-tenancy is an aspect of Identity Management (IdM) where
multiple
parties use the same resource without learn any information about each
other. The example is two rival companies who both operate servers
hosted in a public cloud. Neither company should be aware of the
existance of the other users presence in the web using, and they
definitely should not be able to enumerate either the users or the
hosts
of the other company due to information leaks inside the cloud
services.
The article is rather old and Multitenancy seems not possible in
FreeIPA 4.x.
Is there any progress on this, future plans? Multitenancy for IPA
should be a very nice feature!
While it may sound as a nice feature, it is very hard to implement, as
that article tells you that it would go against current FreeIPA LDAP
DIT design and assumptions in the code.
We are not planning to work on that feature in short to mid-term time.
In fact, we are planning to reduce amount of new features being added
for next few major releases, to concentrate on making FreeIPA bullet-proof:
- better handling of error conditions
- better support for various installation needs with Ansible
- better diagnosing tools
- etc
we have enough features already for most common use cases that
concentrating on day to day operations' predictability becomes important
before we move forward.
This does not mean we would stop with new features. Rather, we want to
make a solid platform to deliver features as add-ons at some point in
future.
--
/ Alexander Bokovoy
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
