Mailinglist Archive: opensuse-features (130 mails)

< Previous Next >
[openFATE 313143] YaST LDAP client refactor/cleanup
Feature changed by: Jiří Suchomel (jsuchome)
Feature #313143, revision 6
Title: YaST LDAP client refactor/cleanup

openSUSE Distribution: Unconfirmed
Priority
Requester: Mandatory

Requested by: Ralf Haferkamp (rhafer)
Partner organization: openSUSE.org

Description:
Jiri (jsuchome) an I recently discussed some cleanup work we'd like to
see in the YaST ldap-client module. This feature lists the main items
we'd like to see reworked to improve the Module:
Remove no longer needed UI elements
Candidates are:
* The TLS/SSL checkbox (sssd has a hard requirement for SSL/TLS)
* The "LDAP Version 2" checkbox in the advanced settings. (there is
AFAIK no LDAPv2-only Server implementation left)
* The "Use LDAP but Disable Login" Radio Button
Restrict the UI to handle only really LDAP client related things
Currently the UI contains quite some settings which are not strictly
related to LDAP client (nss/pam) setup. Over the year ldap-client
became a bit of a disposal site for all kinds of LDAP related things,
which made the UI a bit hard to understand. We should move some things
to YaST modules where make a better fit. This is mostly about the
settings currently available in the "Administration Settings" Tab (in
"Advanced Configuration")
* The Password Policies settings seem to fit better into the ldap-
server module which already contains some of this functionality
* Default Configuration Objects for other YaST modules (e.g. mail, dns,
dhcp). Where possible the need for those special configuration objects
should be removed. When a specific service still requires those
configuration objects the YaST module for that service should be able
to handle those objects it self (we could still offer utils API for
that in yast2-ldap/ldap-client). E.g. the user management related
object should be configured from inside the yast2-users module. yast2-
ldap-server could offer to create default objects during the initial
LDAP server setup.
* The Home Directories on This Machine checkbox seems to be better
suite in the Users module as well.
* The rest of the values which go to /etc/sysconfig/ldap could be
written by yast2-ldap-servers. We still need to figure out how to setup
/etc/sysconfig/ldap on machines which to not run the LDAP Server but
need access to those settings. (yast2-mail, -dns-server, -dhcp-server)
* Adapt the API: move the LDAP* functions from ldap-client (impact on
other modules!)

Relations:
- related feature (feature/id: 313142)

Discussion:
#1: Jiří Suchomel (jsuchome) (2012-01-19 10:15:11)
1. Removing TLS/SSL is based on assumption that we configure SSSD only,
which is feature 313142.
2. About The "Use LDAP but Disable Login" Radio Button: did we agree on
some replacement of it? I cannot remember...

+ #2: Jiří Suchomel (jsuchome) (2012-01-23 16:25:33)
+ Added attachment proposal for simplified first screen (ldap-client-
+ redesign2.png)




--
openSUSE Feature:
https://features.opensuse.org/313143

< Previous Next >
This Thread
References