Add object to ipa tree that represent the list of domains associated to our realm. This list will be used in due time to generate the [domain_realm] mappings for krb5.conf and the list of domains to be routed to our kdc through a trust relationship.
The object will look as follow, where our own DNS domain is the default value (associatedDomain is a MUST for domainRelatedObject).
The CLI/UI should ensure our own domain cannot be removed.
dn: cn=Realm Domains,cn=ipa,cn=etc,$SUFFIX objectClass: domainRelatedObject objectClass: nsContainer objectClass: top cn: Realm Domains associatedDomain: $domain associatedDomain: foo.example.com associatedDomain: bar.example.net
See ticket #2848 for the general picture
Related #2848 and #2593.
Changing 3.2 priority
IMHO it should be integrated with DNS management in some way.
At least:
associatedDomain
Improvement:
dnszone-add
Naturally, this applies only to cases where DNS is managed by IPA.
Web UI part is addressed in ticket #3407.
Added to master: 3253a30 and 1c68c3e
ipa-3-1: [[br]] 3dce95b[[br]] 7458ace
Rename "trusts" component to "Trusts" to achieve correct sorting.
Metadata Update from @simo: - Issue assigned to akrivoka - Issue set to the milestone: FreeIPA 3.2 - 2013/02
Login to comment on this ticket.