[Freeipa-devel] [PATCH] Try to reacquire keytab file if host already joined
Simo Sorce
simo at redhat.com
Tue Mar 20 12:44:21 UTC 2012
On Tue, 2012-03-20 at 13:00 +0100, Lars Sjöström wrote:
> Hello fellow devs,
>
> I have a proposed patch for ticket #2106
> (https://fedorahosted.org/freeipa/ticket/2106)
>
> if return code is 13 (Host already joined) of ipa-join command the
> host will try to reacquire the keytab file.
>
> Feedback appreciated!
Hi Lars, at the very least this should be conditional and be allowed
only when an override flag is passed. The reason we punt here is that
you may be trying to join a machine with the same name of an already
joined and working machine by mistake.
We do not want to void that other machine credentials unless the admin
wants to force it.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list