Hello,

we have made big progress with ansible-freeipa to be able to install ipa
clients using ansible.

These are the things that we are able to do now:

- Simple installation on more than one machine
- One configuration file (inventory file) per realm (One place for
  configuration options)
- Authentication types
  - Simple use of OTP for installation and update
    - More secure (admin password not transferred to the clients)
    - Only setting of a variable is needed to enable the use of OTP
  - Admin principal and password
  - Existing host keytab
- Advanced auto detection (server only, no need to provide domain)
- Repair of broken configurations
  - Known limitation: /etc/krb5.keytab can not be repaired
- Working with freeipa-4.4 and up
  - RHEL-7.3 and up
  - Fedora-25+
  - Support for Python3 based freeipa in Fedora-27

The basic usage is explained in the README of the repository:
https://github.com/freeipa/ansible-freeipa

I'd like to start a discussion about naming conventions and also about customer
and user requests for extensions and changes.

Please give it a try and report issues you are running into.

Regards,
Thomas
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to