Re: [Freeipa-devel] FreeIPA 3.4 - 4.0
On 02/26/2014 11:50 PM, Dmitri Pal wrote: On 02/26/2014 09:46 AM, Petr Viktorin wrote: On 02/26/2014 12:24 PM, Martin Kosek wrote: Hello all, I would like to discuss a proposal that Simo had on FreeIPA devel meeting. Given permission/ACI refactoring that Petr3 is working on, people may have issues with access to their LDAP if they played too much with the default ACIs or if they expect that some information stays accessible in the new version. It may not stay accessible we are removing the SUFFIX level all allowing ACIs and creating custom read ACIs. Bottom line is we need to do our best in making our users aware that there are big changes in this version they need to be aware of. One way is to release a new major release with appropriate release notes. I support that move, I think we have enough big features planned to justify new major release: * Permissions/ACIs * OTP * DNSSEC (hopefully) * CA Certificate Management Tool * Big Web UI face lift and refactoring * ... If there is no push back against that idea, let's do it. I would then rename the 3.4 milestones to 4.0 and 3.5 milestones to 4.1. +1 I guess the http://www.freeipa.org/page/V3 tree will also need some renaming. I am concerned that it will do more harm than good but do not have valid arguments against. So +1 from me too. I completed all required changes: * Trac milestones changes * Creating new http://www.freeipa.org/page/V4 tree and renaming of the respective designs * Updating any references to 3.4 or 3.5 in the wiki If I missed anything, please ping me. Thanks, Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] FreeIPA 3.4 - 4.0
On Wed, 26 Feb 2014, Martin Kosek wrote: Hello all, I would like to discuss a proposal that Simo had on FreeIPA devel meeting. Given permission/ACI refactoring that Petr3 is working on, people may have issues with access to their LDAP if they played too much with the default ACIs or if they expect that some information stays accessible in the new version. It may not stay accessible we are removing the SUFFIX level all allowing ACIs and creating custom read ACIs. Bottom line is we need to do our best in making our users aware that there are big changes in this version they need to be aware of. One way is to release a new major release with appropriate release notes. I support that move, I think we have enough big features planned to justify new major release: * Permissions/ACIs * OTP * DNSSEC (hopefully) * CA Certificate Management Tool * Big Web UI face lift and refactoring * ... I agree. If we succeed with global catalog work, it would too be big enough feature. If there is no push back against that idea, let's do it. I would then rename the 3.4 milestones to 4.0 and 3.5 milestones to 4.1. Yep. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] FreeIPA 3.4 - 4.0
On Wed, 26 Feb 2014, Martin Kosek wrote: On 02/26/2014 12:31 PM, Alexander Bokovoy wrote: On Wed, 26 Feb 2014, Martin Kosek wrote: Hello all, I would like to discuss a proposal that Simo had on FreeIPA devel meeting. Given permission/ACI refactoring that Petr3 is working on, people may have issues with access to their LDAP if they played too much with the default ACIs or if they expect that some information stays accessible in the new version. It may not stay accessible we are removing the SUFFIX level all allowing ACIs and creating custom read ACIs. Bottom line is we need to do our best in making our users aware that there are big changes in this version they need to be aware of. One way is to release a new major release with appropriate release notes. I support that move, I think we have enough big features planned to justify new major release: * Permissions/ACIs * OTP * DNSSEC (hopefully) * CA Certificate Management Tool * Big Web UI face lift and refactoring * ... I agree. If we succeed with global catalog work, it would too be big enough feature. Right. Though in this particular case it would also fit in the 3.x line as it would be actually completing our 3.x theme which is AD trust. It would add the IPA - AD part. Technically it would be considerable change -- with new (cached) DS instance and a specialized schema, etc. -- / Alexander Bokovoy ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] FreeIPA 3.4 - 4.0
On 02/26/2014 12:24 PM, Martin Kosek wrote: Hello all, I would like to discuss a proposal that Simo had on FreeIPA devel meeting. Given permission/ACI refactoring that Petr3 is working on, people may have issues with access to their LDAP if they played too much with the default ACIs or if they expect that some information stays accessible in the new version. It may not stay accessible we are removing the SUFFIX level all allowing ACIs and creating custom read ACIs. Bottom line is we need to do our best in making our users aware that there are big changes in this version they need to be aware of. One way is to release a new major release with appropriate release notes. I support that move, I think we have enough big features planned to justify new major release: * Permissions/ACIs * OTP * DNSSEC (hopefully) * CA Certificate Management Tool * Big Web UI face lift and refactoring * ... If there is no push back against that idea, let's do it. I would then rename the 3.4 milestones to 4.0 and 3.5 milestones to 4.1. +1 I guess the http://www.freeipa.org/page/V3 tree will also need some renaming. -- PetrĀ³ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] FreeIPA 3.4 - 4.0
On 02/26/2014 09:46 AM, Petr Viktorin wrote: On 02/26/2014 12:24 PM, Martin Kosek wrote: Hello all, I would like to discuss a proposal that Simo had on FreeIPA devel meeting. Given permission/ACI refactoring that Petr3 is working on, people may have issues with access to their LDAP if they played too much with the default ACIs or if they expect that some information stays accessible in the new version. It may not stay accessible we are removing the SUFFIX level all allowing ACIs and creating custom read ACIs. Bottom line is we need to do our best in making our users aware that there are big changes in this version they need to be aware of. One way is to release a new major release with appropriate release notes. I support that move, I think we have enough big features planned to justify new major release: * Permissions/ACIs * OTP * DNSSEC (hopefully) * CA Certificate Management Tool * Big Web UI face lift and refactoring * ... If there is no push back against that idea, let's do it. I would then rename the 3.4 milestones to 4.0 and 3.5 milestones to 4.1. +1 I guess the http://www.freeipa.org/page/V3 tree will also need some renaming. I am concerned that it will do more harm than good but do not have valid arguments against. So +1 from me too. -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel