Am 25.06.2015 um 17:47 schrieb Simo Sorce:

Yes, the whole project is complex, but not because we like complexity,
it is complex because the problem space is complex and we are bound to
use existing protocols, which sometimes add in complexity, and we want
to offer useful features to admins, so they can think about managing
stuff and not about the plumbing all the time.


Sure, the problem space is a lot more complex than say ls.

But I think there is room for improvement, by making the individual tools somewhat more resilient to unexpected behaviour in other components.

For example, if there's any nsuniqueid group present in a users entry, login authentication via sssd breaks with a cryptic error message. It would be nice, IMO, if it didn't break or if it at least issued a better error message.

Furthermore, a good graphical generic LDAP editor would make the admin's life significantly easier, IMO. I so far haven't found one. There's gq, which works, mostly, but crashes relatively frequently. I'm mostly using ldapvi now, which works quite well but only after studying its manual.

Thomas

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to