Can anyone give me some tips or document links on client deployment automation (I'm using puppet) to update the /etc/krb5.keytab file?
I'm using IPA 1.2.2 on Centos5 and it seems the direct approach is to script the creation of the service principles (ipa-addservice) and extract all of the keytabs into puppet deployed files. Is there anything I'm missing? The ipa-addservice would require a human to login with a valid ticket in order to work; is there any way I could create a service account with limited permissions to allow an application to populate the Directory with new hosts from an external source (eg: cobbler, or a database of hosts) ? tia -- DougC
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users