Thanks for the responses, Rob and Dmitri! The solution sounds very elegant.

I await UPG and the next FreeIPA release (whether or not it has UPG) eagerly.

--Ryan

On 2010-05-06, at 4:16 PM, Rob Crittenden wrote:

> Ryan Thomson wrote:
>> Wow, I need to improve my search skills: http://freeipa.org/page/IPAv2_alpha2
>> My answer is at the bottom of the page!
>> My apologies, everyone.
> 
> No worries.
> 
> We're going to build this on a new feature in 389-ds, Managed Entries 
> (http://directory.fedoraproject.org/wiki/Managed_Entry_Design)
> 
> We need an enhancement in the DNA plugin to be able to keep the uidNumber and 
> gidNumber the same but the Managed Entries plugin does most of the heavy 
> lifting of avoiding race conditions for us already.
> 
> At this point we just need to wait for the next 389-ds release which should 
> be in the next few weeks. Once that is available we can create our private 
> groups.
> 
> rob
> 
>> --Ryan
>> Ryan Thomson wrote:
>>> Hi list,
>>> 
>>> I am wondering if FreeIPA is planning to conform to RHEL's user private 
>>> group (UPG) scheme? I think having an option to enable the UPG scheme would 
>>> be beneficial.
>>> 
>>> Adding a user to the v2 beta reveals that the UPG scheme is not currently 
>>> being followed with all new accounts auto-added to the default "ipausers" 
>>> group.
>>> 
>>> I noticed an older mailing list post by rob saying that UPG was being 
>>> investigated. Has there been any progress in that investigation? Any 
>>> decisions?
>>> 
>>> Thank you,
>>> 
>>> --Ryan
>>> 
>>> _______________________________________________
>>> Freeipa-users mailing list
>>> Freeipa-users@redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users@redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
> 


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to