I've been doing this using a custom Ansible playbook for over a month now.
It appears to me to be very variable dependent.

On Thu, Oct 5, 2017 at 7:04 AM, Thomas Woerner via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:

> Hello,
>
> we have made big progress with ansible-freeipa to be able to install ipa
> clients using ansible.
>
> These are the things that we are able to do now:
>
> - Simple installation on more than one machine
> - One configuration file (inventory file) per realm (One place for
>   configuration options)
> - Authentication types
>   - Simple use of OTP for installation and update
>     - More secure (admin password not transferred to the clients)
>     - Only setting of a variable is needed to enable the use of OTP
>   - Admin principal and password
>   - Existing host keytab
> - Advanced auto detection (server only, no need to provide domain)
> - Repair of broken configurations
>   - Known limitation: /etc/krb5.keytab can not be repaired
> - Working with freeipa-4.4 and up
>   - RHEL-7.3 and up
>   - Fedora-25+
>   - Support for Python3 based freeipa in Fedora-27
>
> The basic usage is explained in the README of the repository:
> https://github.com/freeipa/ansible-freeipa
>
> I'd like to start a discussion about naming conventions and also about
> customer
> and user requests for extensions and changes.
>
> Please give it a try and report issues you are running into.
>
> Regards,
> Thomas
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>



-- 
[image: photo]
Mark Haney
Network Engineer at NeoNova
919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net
www.neonova.net <https://neonova.net/>
<https://www.facebook.com/NeoNovaNNS/>  <https://twitter.com/NeoNova_NNS>
<http://www.linkedin.com/company/neonova-network-services>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to