<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> <div class="moz-cite-prefix">On 09/25/2012 12:17 AM, James James wrote: </div> <blockquote cite="mid:CALBJVVnEfBS9dD_K5xtTcpVJ1P6hJU0hvWt1eaGFsmvoYTpW4g@mail.gmail.com" type="cite">Hi guys, we are planning to install 150 freeipa clients and I was wondering if there is a way to easily install (from kickstart) nfsv4 client. I can add host with # ipa host-add --password=secret But to get the keytab (host and service), I have to log into the machine, launch kinit and get the keytab. This will be very painful for 150 clients .... Any hints is welcome ... <fieldset class="mimeAttachmentHeader"></fieldset> <pre wrap="">_______________________________________________ Freeipa-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre> </blockquote> Hi, I am working on integrating what you are asking for into OneClickKick. OneClickKick which is a web based GUI for managing DHCP server and PXE booting. The current version can read the host objects from IPA's LDAP, and you can use these to generate PXE boot files for kickstarting RHEL/Fedora, preseeding Debian/Ubuntu installations, do BIOS upgrades, run LIVE environments, etc. What I have done in the past is to add a line like this to the post section of the kickstart: /usr/sbin/ipa-client-install --domain="ix.test.com" --principal="ipajoinuser" --password="somepassword" -U -f This is not ideal even though the kickstart is saved in a database and only made available dynamically trough a php script to the host that's enabled for kickstarting. It is not saved in a text file on the disk. The next version will include tighter integration with IPA where a One Time Password is set for the host being kickstarted at the time it's enabled for kickstarting, and this password is seeded dynamically when the host is served it's kickstart file. The next version will also have the PXE Enrollment boot image updated to supporting adding new hosts directly into IPA. The PXE Enrollment is support for adding a new host simply to PXE booting it, logging on, and giving it a hostname and assigning it with a kickstart profile to load the machine directly from the console of the new machine. Adding of machines directly to IPA from the web UI will also be available in the next version. This allows you to do everything from adding the host, to selecting the kickstart profile group, and enabling for PXE installation/kickstart in 1 step. It can also search trough the /var/log/messages file to find new hosts that's unknown to it's naming sources and directly add these. You can also select a group of machine to install, so if you have your 150 machines in one group you can select the entire group for installation. See the project website or contact me for more information: <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> <a href="http://sourceforge.net/projects/oneclickkick/">http://sourceforge.net/projects/oneclickkick/</a> Regards, Siggi </body> </html>