Lars Sjöström wrote:
Hi,
Understood! Would it be ok to add an optional flag then?
like --reacquire ?
like so:
# run only if force and reacquire is set
if options.force and options.reacquire:
# try to fetch keytab...
Cheers,
Lars
That sounds reasonable. In what case would you want to re-enroll a host
without disabling it first?
rob
Den 20 mars 2012 13:44 skrev Simo Sorce<s...@redhat.com>:
On Tue, 2012-03-20 at 13:00 +0100, Lars Sjöström wrote:
Hello fellow devs,
I have a proposed patch for ticket #2106
(https://fedorahosted.org/freeipa/ticket/2106)
if return code is 13 (Host already joined) of ipa-join command the
host will try to reacquire the keytab file.
Feedback appreciated!
Hi Lars, at the very least this should be conditional and be allowed
only when an override flag is passed. The reason we punt here is that
you may be trying to join a machine with the same name of an already
joined and working machine by mistake.
We do not want to void that other machine credentials unless the admin
wants to force it.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
