Hi everyone,
I'm currently working on my thesis. It's objective is $SUBJ and we
already have ticket for that: #194
<https://fedorahosted.org/freeipa/ticket/194>. The task is to create two
more replica types - the HUB and Consumer. In 389-DS both the HUB and
Consumer are read-only. Additionally the HUB can push the data to the
Consumers.
In case of FreeIPA the server is not only providing data, but also
services like CA, NTP, DNS, Kerberos. Therefore I'm kindly asking you
for advices and opinions on that:
1. What should be the position of HUB?
I mean should it be used as an interconnection between Masters and
Consumers only, so that it will be 'hidden' in the topology and only
forwards the updates, or should the HUB be also used as a regular
Consumer which has additional ability to push the updates further to
Consumers/HUBS?
2. Which services should be available on HUB and Consumer?
I think, the priority of these replicas would be to answer to data
request by ipa whatever-(find|show) commands or to provide some LDAP
data for email addressing etc. Also it shouldn't cause much trouble to
run NTP on Consumer, but what about Kerberos or CA? Is it a good
solution to let users authenticate against these replicas? Is it correct
to leave classified data like passwords on these replicas?
Thanks in advance for your reactions
Ondra
--
Regards,
Ondrej Hamada
FreeIPA team
jabber:oh...@jabbim.cz
IRC: ohamada
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
