Hi Winfried,

On to, 06 heinä 2017, Winfried de Heiden via FreeIPA-users wrote:
Hi all,

There's a nice litle article on http://www.freeipa.org/page/V3/Multiten

Multi-tenancy  is an aspect of Identity Management (IdM) where
parties use the same resource without learn any information about each 
other.   The example is two rival companies who both operate servers 
hosted in a public cloud.  Neither company should be aware of the 
existance of the other users presence in the web  using, and they 
definitely should not be able to enumerate either the users or the
 of the other company  due to information leaks inside the cloud 

The article is rather old and Multitenancy seems not possible in
FreeIPA 4.x. 

Is there any progress on this, future plans? Multitenancy for IPA
should be a very nice feature!
While it may sound as a nice feature, it is very hard to implement, as
that article tells you that it would go against current FreeIPA LDAP
DIT design and assumptions in the code.

We are not planning to work on that feature in short to mid-term time.
In fact, we are planning to reduce amount of new features being added
for next few major releases, to concentrate on making FreeIPA bullet-proof:

- better handling of error conditions
- better support for various installation needs with Ansible
- better diagnosing tools
- etc

we have enough features already for most common use cases that
concentrating on day to day operations' predictability becomes important
before we move forward.

This does not mean we would stop with new features. Rather, we want to
make a solid platform to deliver features as add-ons at some point in

/ Alexander Bokovoy
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to