On 09/21/2012 10:45 AM, Petr Spacek wrote:
Hello users,

we have a question for client machine administrators:

On 09/21/2012 10:12 AM, Martin Kosek wrote:
> ..., that it may be useful to implement a script
> like "ipa-client-update" which would be capable of updating client information > (and could be entered in a cron for example) without a need to re-enroll
> client. Such script could for example:
> * update SSH keys of the client
> * update a list of IPA DNS servers in #3095
> * ...
> Martin

Would it be useful at all? What other information should updater maintain?

Ad https://fedorahosted.org/freeipa/ticket/3095:
IMHO DNS configuration on client side is job for DHCP or Puppet. Isn't it?

A client update script for SSH keys setup etc has crossed my mind too. Such a script would be useful, however the various updates should be available as separate options to the command so the admin can choose between applying some options or all options. A --update-all could be used as a place holder for updating the whole collection of options.

As far as #3095 goes, updating the DNS client configuration is a job for DHCP or Puppet/CFengine. SSSD is very much dependent on DNS to work. I don't see why SSSD should be able to change the systems DNS servers, possibly rendering itself useless.


Freeipa-users mailing list

Reply via email to