[Engine-patches] Change in ovirt-engine[master]: tools: Add --resolve-kdc arg to engine-manage-domains

Sun, 09 Mar 2014 04:53:32 -0700 

Yair Zaslavsky has posted comments on this change.

Change subject: tools: Add --resolve-kdc arg to engine-manage-domains
......................................................................


Patch Set 2:

(1 comment)

http://gerrit.ovirt.org/#/c/24576/2/backend/manager/tools/src/main/java/org/ovirt/engine/core/domains/ManageDomains.java
File 
backend/manager/tools/src/main/java/org/ovirt/engine/core/domains/ManageDomains.java:

Line 742:             try {
Line 743:                 log.info("Creating kerberos configuration for 
domain(s): " + gssapiDomainsString);
Line 744:                 useDnsLookup = utilityConfiguration.getUseDnsLookup();
Line 745:                 String domainRealmMappingFile = 
utilityConfiguration.getDomainRealmMappingFile();
Line 746:                 if (!args.contains(ARG_LDAP_SERVERS) && useDnsLookup
hmm, i would consider to tackle this differently -
1. if --ldap-servers exist -
1.1  if --resolve-kdc exist - use it to issue DNS srv request to get the 
kerberos servers
Else
   --resolve-kdc if exists overrides useDnsLookup (meaning, the behavior will 
be same as useDnsLookup == true).

in the case of --ldap-servers exist - I think we should have the resolving done 
inside KrbConfCreator.

The motivation behind this is to allow different ordering of the kdcs and the 
ldap servers .

Another option is perhaps to solve is simply provide a kdc list argument..
Line 747:                         || args.contains(ARG_RESOLVE_KDC)) {
Line 748:                     // Arguments do not contain a list of ldap 
servers, so the
Line 749:                     // kerberos configuration should not be created 
according to it if
Line 750:                     // useDnsLookup is set to true or resolve KDC 
argument was entered.


-- 
To view, visit http://gerrit.ovirt.org/24576
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I7884eae1c67636c7fc4578f7f16358205702ef64
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Martin Peřina <[email protected]>
Gerrit-Reviewer: Martin Peřina <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to