[Freeipa-users] Howto re-deploy an IPA-client using kickstart

Dmitri Pal dpal at redhat.com
Fri Jan 25 16:47:31 UTC 2013 

On 01/25/2013 03:35 AM, Fred van Zwieten wrote:
> And, using the ipa command is only possible on ipa clients.
>
> Although our Satellite server is an IPA client, I am (as of yet)
> unable to execute ipa commands from any ipa client prior to the
> re-install request from Satellite. There is, afaik, no such thing as a
> pre-reinstall hook or anything like that.
>
Can you please file an RFE against Satellite and pass it to us? It would
be much easier for us to have a conversation with Satellite/Spacewalk
community.


> As for the ipa-host-mod --password=foo thing. You can first run the
> command "ipa disable-host <fqdn> and _then_ run "ipa host-mod <fqdn>
> --password=foo

Yes this is what I meant. Sorry for confusion.

>
>
> Met vriendelijke groeten,
> *
> Fred van Zwieten
> *
> *Enterprise Open Source Services*
> *
> Consultant*
> /(vrijdags afwezig)/
>
> *VX Company IT Services B.V.*
> *T* (035) 539 09 50 mobiel (06) 41 68 28 48
> *F* (035) 539 09 08
> *E* fvzwieten at vxcompany.com <mailto:fvzwieten at vxcompany.com>
> *I*  www.vxcompany.com <http://www.vxcompany.com/>
>
>
> On Fri, Jan 25, 2013 at 3:40 AM, Simo Sorce <simo at redhat.com
> <mailto:simo at redhat.com>> wrote:
>
>     On Thu, 2013-01-24 at 21:36 -0500, Matthew Barr wrote:
>     > On Jan 24, 2013, at 6:53 PM, Dmitri Pal <dpal at redhat.com
>     <mailto:dpal at redhat.com>> wrote:
>     > >
>     > > Yes you can set it again. This is how we envisioned the
>     feature to be used.
>     > > If it does not work it is a bug.
>     >
>     >
>     > ipa-server-2.2.0-16.el6.x86_64, Centos 6.3
>     >
>     > [mbarr at ipa ~]$ ipa host-mod wiki01.ayisnap.com
>     <http://wiki01.ayisnap.com> --password=foo
>     > ipa: ERROR: invalid 'password': Password cannot be set on
>     enrolled host.
>
>     Matthew this is indeed the correct behavior, previous information from
>     Dmitri was not correct.
>
>     Once a host is enrolled you cannot reset the OTP password as that
>     would
>     effectively mean destroying the hosts credentials while the host is
>     enrolled. Currently the IPA workflow expects you unenroll the client
>     first.
>
>     Simo.
>
>     --
>     Simo Sorce * Red Hat, Inc * New York
>
>     _______________________________________________
>     Freeipa-users mailing list
>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>     https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130125/69136e39/attachment.htm>

More information about the Freeipa-users mailing list