On Fri, Oct 15, 2010 at 9:21 PM, Emmanuel Lecharny <firstname.lastname@example.org>
Good question ...
On 10/15/10 2:12 PM, Pierre-Arnaud Marcelot wrote:
I'm really wondering if we should not remove the 'System' partition.
Been waiting for this for a while but always wanted a default partition with nestable partitions underneath it. Spoke about this in another email on this thread.
No idea. The ou=cnfiguration branch is probably dead wood.
I don't know the role of this entry 'prefNodeName=sysPrefRoot,ou=system', if it still has any role?
I *think* the ou=users,ou=system are usefull for kerberos and triplesec.
The following entries are not very useful too:
| - cn=Administrators,ou=groups,ou=system
Isn't is better that the user creates its users in its own partition?
Even our admin user is not in the 'ou=users' organizational unit...
Yeah can't remember for sure. I know KRB defines path to users based on the realm name transformation to DN using the domain-to-DN mapping technique (think there's an real skinny RFC for this).
As you can see, the only valid information in the whole partition is the credentials of the admin (should we say default) user.
Again the groups matter.
I think we can remove the ou=system partition at this point, and use the ou=config to store the informations related to the administrator.
I really think this information should be placed in the configuration (we could also allow the redefinition of the admin user DN).
It would allow the user to edit these settings without having to start the server (at least) once.
That would be good but won't be trivial.
So far, considering ou=system as a special partition is probably not anymore necessary.
Note that, as Kiran said, this partition is used by a hell lot of tests, so removing it will be costly.
If we remove it, I would suggest we restore the automatic creation of the context entry : it's so painful to have to add it when we create a partition that we should find a way to do that automatically.