I never said I didn't like. Just that it's not that complicated to setup a
playbook to do what you're doing.
On Thu, Oct 5, 2017 at 11:17 AM, Thomas Woerner <twoer...@redhat.com> wrote:
> Hello Mark,
> On 10/05/2017 03:57 PM, Mark Haney wrote:
> > I've been doing this using a custom Ansible playbook for over a month
> > It appears to me to be very variable dependent.
> For the full autodetection case you do not need more than the client
> and the admin password/keytab (with or without OTP).
> The optional variables are there to alter the default configuration
> to the needs. Or did I not get it right?
> Please be more specific on the things that you do not like.
> > On Thu, Oct 5, 2017 at 7:04 AM, Thomas Woerner via FreeIPA-users <
> > firstname.lastname@example.org> wrote:
> >> Hello,
> >> we have made big progress with ansible-freeipa to be able to install ipa
> >> clients using ansible.
> >> These are the things that we are able to do now:
> >> - Simple installation on more than one machine
> >> - One configuration file (inventory file) per realm (One place for
> >> configuration options)
> >> - Authentication types
> >> - Simple use of OTP for installation and update
> >> - More secure (admin password not transferred to the clients)
> >> - Only setting of a variable is needed to enable the use of OTP
> >> - Admin principal and password
> >> - Existing host keytab
> >> - Advanced auto detection (server only, no need to provide domain)
> >> - Repair of broken configurations
> >> - Known limitation: /etc/krb5.keytab can not be repaired
> >> - Working with freeipa-4.4 and up
> >> - RHEL-7.3 and up
> >> - Fedora-25+
> >> - Support for Python3 based freeipa in Fedora-27
> >> The basic usage is explained in the README of the repository:
> >> https://github.com/freeipa/ansible-freeipa
> >> I'd like to start a discussion about naming conventions and also about
> >> customer
> >> and user requests for extensions and changes.
> >> Please give it a try and report issues you are running into.
> >> Regards,
> >> Thomas
> >> _______________________________________________
> >> FreeIPA-users mailing list -- email@example.com
> >> To unsubscribe send an email to freeipa-users-leave@lists.
Network Engineer at NeoNova
919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org