MJ J wrote: > Sure, it can be improved to become invulnerable to the academically > imaginative race conditions that are not going to happen in real life. > That will go to the very bottom of my list of things to do now, > thanks. Adding a couple of lines of Python code is such a low-hanging fruit, especially since there free examples out there. Would have been less time than writing the list postings. > FreeIPA is a cool concept, too bad it's not scalable or multi-tenant capable. Æ-DIR aims to provide similar features while providing a much better level of isolation (need-to-know, least privilege). I'd not call it multi-tenant approach though because I'm super-cautious with that term. Full multi-tenancy can always be achieved by setting up new instance in a separate name space anyway. But that's not what people usually want. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature