Story
Resolution: Won't Do
Goal:
- For example: As an org with multiple IDM domains, I want new cloud VMs to automatically join the domain that matches their domain name.
Acceptance Criteria:
- When there is exactly one active domain registration, return that domain (i.e. the current behaviour)
- When there is more than one active domain registration:
  - let hostname = the enrolling VM's hostname
  - let resultSet = {}, n = 0
  - for domain in active registered domains:
    - if hostname is not a true subdomain of domain, continue
    - if number of components in domain = n, add domain to resultSet and continue
    - if number of components in domain > n, set n = number of components in domain, set resultSet = {domain}, continue
  - if |resultSet| = 1, succeed with info + enrollment token for that matching domain
  - if |resultSet| = 0, fail with error "no matching domain"
  - if |resultSet| > 1, fail with error "multiple matching domains"
Examples:
- 3 active domains:
  - ipa.test
  - foo.ipa.test
  - bar.ipa.test
  - xyz.test
- host h1.ipa.test matches domain ipa.test
- host hello.world.ipa.test matches domain ipa.test
- host h2.abc.foo.ipa.test matches domain foo.ipa.test
- host foo.ipa.test matches domain ipa.test
- host ipa.qq.test fails (no match)
- host xyz.test fails (no match)
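An added Go sketch of the selection rule in the Acceptance Criteria, checked against the Examples; it is not code from this project, and the names SelectDomain, normalize, ErrNoMatch and ErrMultiple are hypothetical. It assumes ASCII hostnames, compares case-insensitively, ignores a trailing root dot, and matches only on label boundaries so that a name such as evilipa.test cannot enroll into ipa.test.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var ErrNoMatch = errors.New("no matching domain")
var ErrMultiple = errors.New("multiple matching domains")

// normalize lowercases a DNS name and drops the trailing root dot.
func normalize(name string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(name), "."))
}

// SelectDomain (hypothetical name) picks the registered domain for an enrolling host.
func SelectDomain(hostname string, active []string) (string, error) {
	if len(active) == 1 {
		return active[0], nil // exactly one registration: current behaviour
	}
	host, n := normalize(hostname), 0
	var result []string
	for _, d := range active {
		dom := normalize(d)
		// True subdomain: suffix match on a label boundary, which also excludes host == dom.
		if dom == "" || !strings.HasSuffix(host, "."+dom) {
			continue
		}
		switch c := strings.Count(dom, ".") + 1; {
		case c == n:
			result = append(result, dom)
		case c > n:
			n, result = c, []string{dom}
		}
	}
	if len(result) == 0 {
		return "", ErrNoMatch
	}
	if len(result) > 1 { // only when one domain is registered twice (case or trailing-dot variants)
		return "", ErrMultiple
	}
	return result[0], nil
}

func main() {
	active := []string{"ipa.test", "foo.ipa.test", "bar.ipa.test", "xyz.test"} // from the Examples
	fmt.Println(SelectDomain("h2.abc.foo.ipa.test", active))
	fmt.Println(SelectDomain("evilipa.test", active))
}
```

Two distinct suffixes of one hostname cannot have the same number of components, so the "multiple matching domains" error is reachable only through duplicate registrations of the same domain.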
Additional information:
Uncertainties:
- IPA deployments that serve multiple DNS domains
- Golang DNS library that could help with implementation?
- Testing