we have made big progress with ansible-freeipa to be able to install ipa
clients using ansible.
These are the things that we are able to do now:
- Simple installation on more than one machine
- One configuration file (inventory file) per realm (One place for
- Authentication types
- Simple use of OTP for installation and update
- More secure (admin password not transferred to the clients)
- Only setting of a variable is needed to enable the use of OTP
- Admin principal and password
- Existing host keytab
- Advanced auto detection (server only, no need to provide domain)
- Repair of broken configurations
- Known limitation: /etc/krb5.keytab can not be repaired
- Working with freeipa-4.4 and up
- RHEL-7.3 and up
- Support for Python3 based freeipa in Fedora-27
The basic usage is explained in the README of the repository:
I'd like to start a discussion about naming conventions and also about customer
and user requests for extensions and changes.
Please give it a try and report issues you are running into.
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org