[Freeipa-users] Minimal permissions for "joiner" account?
Michael Lasevich
mlasevich at lasevich.net
Thu Aug 14 23:29:39 UTC 2014
Not that much. For one, I am using Salt instead if Puppet, but more
importantly, if I am reading this correctly it seems to be just using full
admin account. I can already do that. By orchestration I meant setting up
the OTP for client join on the server, then passing that OTP to the client
to join it. It is not that hard to throw together, but timing in this
process can be problematic. I prefer to avoid it for the moment if I can
and just create a non-admin account for this.
On Thu, Aug 14, 2014 at 2:07 PM, James <purpleidea at gmail.com> wrote:
> On Thu, Aug 14, 2014 at 4:23 PM, Michael Lasevich
> <mlasevich at lasevich.net> wrote:
> > I am not all too comfortable to run this as admin user and not quite
> ready
> > to set up the orchestration needed to pre-join the host.
>
> Re: orchestration,
>
> https://github.com/purpleidea/puppet-ipa
>
> Does this help?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140814/90bfeae3/attachment.htm>
More information about the Freeipa-users
mailing list