URL: https://github.com/freeipa/freeipa/pull/812 Title: #812: [WIP] Refactoring cert-find to use API call directly instead of using
HonzaCholasta commented: """ @felipevolpone, that is a bad idea. Calling the API instead of doing a direct LDAP search would degrade performace (currently everything is done in a single LDAP search, with API calls it will be *at least* one LDAP search per owner class) and offers less flexibility (the current code allows you to find *any* LDAP entry which refers to a certificate, with API calls you are limited to whatever is defined in the API). The PR currently breaks the `--user` and `--host` options, because they no longer expect a user name and host name, but principal names (as @martbab already pointed out). """ See the full comment at https://github.com/freeipa/freeipa/pull/812#issuecomment-305090643
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org