You're right, except for the fact that deploying 2 lines of new code into production can still be a long process ;-) The phrase comes to mind: If it ain't broken, don't fix it.
Why is this mailing list constantly used as a vehicle for people pushing their own consulting services and products? That supports the OP's question - keep the documentation terse, the examples weak and focus on the consulting-ware business model.
On Thu, Nov 16, 2017 at 12:08 PM, Michael Ströder michael@stroeder.com wrote:
MJ J wrote:
Sure, it can be improved to become invulnerable to the academically imaginative race conditions that are not going to happen in real life. That will go to the very bottom of my list of things to do now, thanks.
Adding a couple of lines of Python code is such a low-hanging fruit, especially since there free examples out there. Would have been less time than writing the list postings.
FreeIPA is a cool concept, too bad it's not scalable or multi-tenant capable.
Æ-DIR aims to provide similar features while providing a much better level of isolation (need-to-know, least privilege). I'd not call it multi-tenant approach though because I'm super-cautious with that term. Full multi-tenancy can always be achieved by setting up new instance in a separate name space anyway. But that's not what people usually want.
Ciao, Michael.