- after the firstboot page, redirect to a page which would
   have a timeout before redirecting back to "/" so that
   the realm can be configured

 - from firstboot, issue the user with a cookie that can be
   used to authenticate them for a period rather than
   presenting them with a "login failed" and forcing them
   to obtain a kerberos ticket

 - the firstboot form is extremely lame right now:

     + Make the hostname/IP address more clever - e.g.
       don't display those fields at all unless there's
       no hostname configured

     + Suggest a realm name from the hostname

     + Password test should be hidden

     + Validate the input

     + Redirect to "/" if the initial configuration
       has already been done

 - ipa_configd is crashing after configuring the
   realm with an LDAP connection error

 - the server hostname needs to be written to ipa.conf
   at install time for the web UI. Right now we only
   write it when we're configuring the realm.

 - configuring the admin password via cn=config,dc=IPA
   is silly

 - the --setup-bind option isn't currently supported by
   firstboot

 - make ipa-server-install use the code from ipaconfigd
   rather than duplicating it when a realm name is
   supplied on the command line

 - ldapwatch packaging on 64 bit - we install it in
   %{python_sitelib} rather than %{python_sitearch}