cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From remibergsma <...@git.apache.org>
Subject [GitHub] cloudstack pull request: Set default networkDomain to empty instea...
Date Sun, 10 Apr 2016 17:53:10 GMT
GitHub user remibergsma opened a pull request:

    https://github.com/apache/cloudstack/pull/1485

    Set default networkDomain to empty instead of username

    The 10th field of `createUserAccount` is `networkDomain` (See `AccountService.java`) and
it is set to a var named `admin`, which is the user name.
    So, the first user that is created in a domain that links to LDAP, creates the account
within the domain, and sets the `networkDomain` field to the username. All next users are
created in the same account.
    
    Then we have the situation that in domain SBP we have a user `rbergsma` that logs in first,
gets an account created and then (unless you override) all VMs started in the SBP domain will
have network domain `rbergsma`. That is highly confusing and not what is should be.
    
    The `linkDomainToLdap` api call has no `networkDomain` field, so I propose to make this
field empty (set it to null). It's a sting and null / empty is allowed.
    
    One can also specify the networkDomain when creating a VPC and also there it is allowed
to be null.
    
    When te networkDomain is needed (and is not set in the domain and not in the VPC) it is
constructed by using `guest.domain.suffix` so there always is a networkDomain to be used.
    
    It makes more sense to manually set it on a domain level, or specify it on the VPC and
in the final case end up with something that is clearly generated (like cs342cloud.local)
rather than the username of someone else.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/remibergsma/cloudstack fix-ldap-default-domain

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cloudstack/pull/1485.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1485
    
----
commit 9e1859ee2bbe82ad742c30cd9ca9aa7393d34f36
Author: Remi Bergsma <github@remi.nl>
Date:   2016-04-10T17:50:32Z

    Set default networkDomain to empty instead of username
    
    The 10th field of createUserAccount is 'networkDomain' (AccountService.java) and it is
set to a var named 'admin', which is the user name.
    So, the first user that is created in a domain that links to LDAP, creates the account
within the domain, and sets the 'networkDomain' field to the username. All next users are
created in the same account.
    
    Then we have the situation that in domain SBP we have a user 'rbergsma' that logs in first,
gets an account created and then (unless you override) all VMs started in the SBP domain will
have network domain 'rbergsma'. That is highly confusing and not what is should be.
    
    linkDomainToLdap api call has no 'networkDomain' field, so I propose to make this field
empty (set it to null). It's a sting and null / empty is allowed.
    
    One can also specify the networkDomain when creating a VPC and also there it is allowed
to be null.
    
    When te networkDomain is needed (and is not set in the domain and not in the VPC) it is
constructed by using guest.domain.suffix so there always is a netWork domain to be used.
    
    It makes more sense to manually set it on a domain level, or specify it on the VPC and
in the final case end up with something that is clearly generated (like cs342cloud.local)
rather than the username of someone else.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message