Can anyone give me some tips or document links on client deployment
automation (I'm using puppet) to update the /etc/krb5.keytab file?

I'm using IPA 1.2.2 on Centos5 and it seems the direct approach is to script
the creation of the service principles (ipa-addservice) and extract all of
the keytabs into puppet deployed files.  Is there anything I'm missing?

The ipa-addservice would require a human to login with a valid ticket in
order to work; is there any way I could create a service account with
limited permissions to allow an application to populate the Directory with
new hosts from an external source (eg: cobbler, or a database of hosts) ?

Freeipa-users mailing list

Reply via email to