Call for Bikeshedding: remote auth at install time
gdt at gdt.id.au
Sat Jun 8 23:54:35 UTC 2013
Kickstart is fine for centrally managed devices. They've got experienced
sysadmins who don't mind getting dirty with configuration files.
The real kicker is people who manage their own device: not just BYOD
but also part-time sysadmins who can't run the corporate distribution.
These people can suck substantial time from deep support at the help desk.
For those people there does needs to be an easy way for them to configure
a network authenticating account. But there's no need for that to be
in the installation dialogues. Considering that IT support might approach
them well after installation and say "our policy is that machine
authenticate against the Corporate Blah rather than have local
authentication" there's a strong argument for being able to do this well
away from installation.
I'd also strongly encourage a design which makes it easy for a
corporate-issued RPM to configure the authentication. For an example of
something wonderful, NetworkManager has a one-file-per-ssid design so its
easy for a RPM to drop in the configuration files for the corporate wireless.
I'd really like a company to be able to have a set of noarch RPMS which put
in place the minimum configuration for use within the organisation.
More information about the devel