Re: [Freeipa-devel] [PATCH] Add sidgen postop and task
On 06/27/2012 12:27 PM, Alexander Bokovoy wrote: > On Mon, 25 Jun 2012, Sumit Bose wrote: >> Hi, >> >> this patch added support to automatically create SIDs for local objects >> as described in ticket https://fedorahosted.org/freeipa/ticket/2825. >> >> The post-operation plugin adds the SID and if necessary the needed >> objectclass for a newly created object. > ACK. > > Works for me in tests. > >> The directory server task can you used to set SID to existing objects in >> one run. Since there were concerns about the amount of replication >> traffic this task accepts a parameter 'delay' to let the task pause for >> the given number of micro-seconds after an object was changed. I also do >> not start the task during ipa-adtrust-install to allow to run the task >> at a more appropriate time. I wonder if it is ok to just have an ldif >> file as example and explain in the docs how to start the task with >> ldapmodify or if a tighter integration is needed. Typically this task >> should be called only once after ipa-adtrust-install. > We probably would need to make something like 'ipa-task-manage' that > would allow listing, enabling, scheduling, and disabling all supported > tasks. > > Something to work on once we have refactored installer/tools > infrastructure in 3.1? > Do we need a ticket for that? -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Add sidgen postop and task
On 06/27/2012 06:27 PM, Alexander Bokovoy wrote: > On Mon, 25 Jun 2012, Sumit Bose wrote: >> Hi, >> >> this patch added support to automatically create SIDs for local objects >> as described in ticket https://fedorahosted.org/freeipa/ticket/2825. >> >> The post-operation plugin adds the SID and if necessary the needed >> objectclass for a newly created object. > ACK. > > Works for me in tests. Pushed to master. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Add sidgen postop and task
On Mon, 25 Jun 2012, Sumit Bose wrote: Hi, this patch added support to automatically create SIDs for local objects as described in ticket https://fedorahosted.org/freeipa/ticket/2825. The post-operation plugin adds the SID and if necessary the needed objectclass for a newly created object. ACK. Works for me in tests. The directory server task can you used to set SID to existing objects in one run. Since there were concerns about the amount of replication traffic this task accepts a parameter 'delay' to let the task pause for the given number of micro-seconds after an object was changed. I also do not start the task during ipa-adtrust-install to allow to run the task at a more appropriate time. I wonder if it is ok to just have an ldif file as example and explain in the docs how to start the task with ldapmodify or if a tighter integration is needed. Typically this task should be called only once after ipa-adtrust-install. We probably would need to make something like 'ipa-task-manage' that would allow listing, enabling, scheduling, and disabling all supported tasks. Something to work on once we have refactored installer/tools infrastructure in 3.1? -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
