[Freeipa-users] ipa-getkeytab automation
Doug Chapman
prjctgeek at gmail.com
Tue Jul 13 23:10:41 UTC 2010
Can anyone give me some tips or document links on client deployment
automation (I'm using puppet) to update the /etc/krb5.keytab file?
I'm using IPA 1.2.2 on Centos5 and it seems the direct approach is to script
the creation of the service principles (ipa-addservice) and extract all of
the keytabs into puppet deployed files. Is there anything I'm missing?
The ipa-addservice would require a human to login with a valid ticket in
order to work; is there any way I could create a service account with
limited permissions to allow an application to populate the Directory with
new hosts from an external source (eg: cobbler, or a database of hosts) ?
tia
--
DougC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20100713/4ebb3899/attachment.htm>
More information about the Freeipa-users
mailing list