This patch supercedes patch 479 which is now defunct. It relies on patch 481.

Add API to delete a service principal key, service-disable and host-disable. This is so an admin can essentially revoke a service principal without deleting it (a host stores its own host service principal).

I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable.

This also adds a new output parameter, has_keytab. It is a boolean that indicates whether the entry has a kerberos principal key (or at least our best guess at it).


Attachment: freeipa-483-disable.patch
Description: application/mbox

Freeipa-devel mailing list

Reply via email to