[Freeipa-users] Howto re-deploy an IPA-client using kickstart
Dmitri Pal
dpal at redhat.com
Fri Jan 25 16:47:31 UTC 2013
On 01/25/2013 03:35 AM, Fred van Zwieten wrote:
> And, using the ipa command is only possible on ipa clients.
>
> Although our Satellite server is an IPA client, I am (as of yet)
> unable to execute ipa commands from any ipa client prior to the
> re-install request from Satellite. There is, afaik, no such thing as a
> pre-reinstall hook or anything like that.
>
Can you please file an RFE against Satellite and pass it to us? It would
be much easier for us to have a conversation with Satellite/Spacewalk
community.
> As for the ipa-host-mod --password=foo thing. You can first run the
> command "ipa disable-host <fqdn> and _then_ run "ipa host-mod <fqdn>
> --password=foo
Yes this is what I meant. Sorry for confusion.
>
>
> Met vriendelijke groeten,
> *
> Fred van Zwieten
> *
> *Enterprise Open Source Services*
> *
> Consultant*
> /(vrijdags afwezig)/
>
> *VX Company IT Services B.V.*
> *T* (035) 539 09 50 mobiel (06) 41 68 28 48
> *F* (035) 539 09 08
> *E* fvzwieten at vxcompany.com <mailto:fvzwieten at vxcompany.com>
> *I* www.vxcompany.com <http://www.vxcompany.com/>
>
>
> On Fri, Jan 25, 2013 at 3:40 AM, Simo Sorce <simo at redhat.com
> <mailto:simo at redhat.com>> wrote:
>
> On Thu, 2013-01-24 at 21:36 -0500, Matthew Barr wrote:
> > On Jan 24, 2013, at 6:53 PM, Dmitri Pal <dpal at redhat.com
> <mailto:dpal at redhat.com>> wrote:
> > >
> > > Yes you can set it again. This is how we envisioned the
> feature to be used.
> > > If it does not work it is a bug.
> >
> >
> > ipa-server-2.2.0-16.el6.x86_64, Centos 6.3
> >
> > [mbarr at ipa ~]$ ipa host-mod wiki01.ayisnap.com
> <http://wiki01.ayisnap.com> --password=foo
> > ipa: ERROR: invalid 'password': Password cannot be set on
> enrolled host.
>
> Matthew this is indeed the correct behavior, previous information from
> Dmitri was not correct.
>
> Once a host is enrolled you cannot reset the OTP password as that
> would
> effectively mean destroying the hosts credentials while the host is
> enrolled. Currently the IPA workflow expects you unenroll the client
> first.
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130125/69136e39/attachment.htm>
More information about the Freeipa-users
mailing list