[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GOsa features required by Debian Edu

Hi Cajus,

I try to jump in here and give some feedback - but I don't have any
recent experience with real world installations.

On Mon, Aug 01, 2016 at 10:35:12AM +0200, Cajus Pollmeier wrote:
> Is it possible to obtain a typical (anonymized) Debian EDU LDAP tree
> that is suitable for testing? Maybe this is the easiest way to
> understand how it's used.

A dump file is attached, unsure if you meant something like that. IMO it 
might be better to just install Debian Edu Jessie (profiles main-server 
and workstation would be enough).

It won't take that long to install a (standalone) virtual machine using 
the USB-ISO-image; a disk size of 40 GiB is recommended. To save time: 
unplug all virtual network cables and choose to leave the network 
unconfigured after DHCP configuration fails; the machine will come up 
configured after a reboot.

See: https://www.debian.org/News/2016/20160702
for some more information (w/ download url). 
> > gosa-plugin-dhcp
> > gosa-plugin-dns
> > gosa-plugin-goto
> > gosa-plugin-systems
> What features of the GOto plugin do you use? The tasks of the original
> plugin are relatively wide spread from system deployment/configuration
> and user/environment/application settings.

It's only a tiny subset to be able to also choose 'workstation' and 
'printer' as system type, not just 'server' and 'netdevice'.
> Luckily there's no gosa-plugin-fai installed, so at least the
> deployment is done differently. FAI support will be dropped in future
> versions of GOsa and we're going to share data/API with tools like "The
> Foreman".
> This may affect the current DNS/DHCP plugins. What do you use them for?
> Complete zone management, or just client stuff?

As far as I know it's more or less the client stuff for predefined 
zones. The DHCP daemon fetches configuration from LDAP and ldap2zone is 
used to update DNS configuration.

> > gosa-plugin-ldapmanager
> What is used from that one?

Import of user data via CSV file; unsure if export is really working, 
would be appreciated.
> > gosa-plugin-sudo
> We had some discussion going on about the sudoers support and we're not
> sure yet if it's worth the work.
> Is it possible to use i.e. a group based approach in your setups, so
> that a static sudoers/sudoers.d collection can be deployed?

Unsure, maybe it's doable.

All in all, a lot of existing plugin features are unused (and greyed out 
via gosa.conf) as far as possible.

Thanks for working on GOsa³.


Attachment: ldapdump.ldif.xz
Description: application/xz

Attachment: signature.asc
Description: Digital signature

Reply to: