[Freeipa-users] A crazy idea maybe, migration to Free-IPA 4.1.
Orkhan Gasimov
orkhan-azeri at mail.ru
Fri Oct 24 06:57:05 UTC 2014
Awesome, it worked!
Just one final question: how to make that script search not only in
ipa1.example.com's LDAP database, but also in ipa2.example.com's LDAP in
case ipa1 is inaccessible? It's vital for a production environment!
I tried copying the whole section of code from " ldapsearch ..." to "...
done"
and putting it after a new instance of " if [ ! -s "$tmpf" ]; then ",
but it didn't work (I'm not a programmer...).
My current cron script is like this:
https://cloud.mail.ru/public/fdf2e60c5df8%2Fsudo.sh
Programmers, please take a glance at the file - logically it shouldn't
be difficult to make necessary modifications,
but I don't know how...
23-Oct-14 21:40, Alexander Bokovoy пишет:
> try adding something like this:
>
> old_krb5_ccache=${KRB5_CCACHE}
> KRB5_CCACHE=/tmp/_hostgroups_access.ccache.$$
> export KRB5_CCACHE
> kinit -k -t /etc/krb5.keytab host/`hostname`
> # perform actual search
> ldapsearch -Y GSSAPI .....
>
> # end of script
> kdestroy
> KRB5_CCACHE=${old_krb5_ccache}
> export KRB5_CCACHE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141024/53485df6/attachment.htm>
More information about the Freeipa-users
mailing list