To all freeipa-interest, freeipa-users and freeipa-devel list members, The FreeIPA project team is pleased to announce the availability of the Beta 1 release of freeIPA 2.0 server [1]. - Binaries are available for F-13 and F-14. - With this beta freeIPA is feature complete. - Please do not hesitate to share feedback, criticism or bugs with us on our mailing list: [email protected]
Main Highlights of the Beta - This beta is the first attempt to show all planned capabilities of the upcoming release. - For the first time the new UI is mostly operational and can be used to perform management of the system. - Some areas are still very rough and we will appreciate your help with those. Focus of the Beta Testing - Please take a moment and look at the new Web UI. Any feedback about the general approaches, work flows, and usability is appreciated. It is still very rough but one can hopefully get a good understanding of how we plan the final UI to function and look like. - Replication management was significantly improved. Testing of multi replica configurations should be easier. - We are looking for a feedback about the DNS integration and networking issues you find in your environment configuring and using IPA with the embedded DNS enabled. Significant Changes Since Alpha 5 - FreeIPA has changed its license to GPLv3+ - Having IPA manage the reverse zone is optional. - The access control subsystem was re-written to be more understandable. For details see [2] - Support for SUDO rules - There is now a distinction between replicas and their replication agreements in the ipa-replica-manage command. It is now much easier to manage the replication topology. - Renaming entries is easier with the --rename option of the mod commands. - Fix special character handling in passwords, ensure that passwords are not logged. - Certificates can be saved as PEM files in service-show and host-show commands. - All IPA services are now started/stopped using the ipactl command. This gives us better control over the start/stop order during reboot/shutdown. - Set up ntpd first so the time is sane. - Better multi-valued value handle with --setattr and --addattr. - Add support for both RFC2307 and RFC2307bis to migration. - UID ranges were reduced by default from 1M to 200k. - Add ability to add/remove DNS records when adding/removing a host entry. - A number of i18n issues have been addressed. - Updated a lot of man pages. What is not Complete - We are still using older version of the Dogtag. New version of the Dogtag Certificate System will be based on tomcat6 and is forthcoming. - We plan to take advantage of Kerberos 1.9 that was released today but we have not finished the integration effort yet. Known Issues - IPV6 works in the installer but not the server itself - Make sure you machine can properly resolve its name before installing the server. Edit /etc/hosts to remove host name from the localhost and localhost6 lines if needed. - The UI is still rough in places<br>Use the following query [3] to see the tickets currently open against UI. - Dogtag does not work out-of-the-box on Fedora 14. To fix it for for the time being run: # ln -s /usr/share/java/xalan-j2-serializer.jar /usr/share/tomcat5/common/lib/xalan-j2-serializer.jar - Instead of Dogtag on F14 you can also try the self-signed CA which is similar to the CA that was provided in IPA v1. This was designed for testing and development and not recommended for deployment. - Make sure you enable updates-testing repository on your fedora machine. Thank you, FreeIPA development team [1] http://www.freeipa.org/page/Downloads [2] http://freeipa.org/page/Permissions [3] https://fedorahosted.org/freeipa/report/12 _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
