Just have a silly case where I've to download the existing version keytab for 
a service principal. It is download only -- not recreate a new version and 
download the new version which ipa-getkeytab does. -- ipa-getkeytab command 
name seems a little bit misleading because it does both 'set' and 'get' 

 I've overheard that there is way to get it from underlying 389 directory 
server but not sure how to do it. Any one please shed a light on this? 
Similarly, how to download a host certificate form Dogtag because 'ipa-getcert 
request' also resetting it -- I may be wrong and so please feel free to correct 
me :);  or how about a user principal's keytab from 389 too? Thanks a lot.

Freeipa-users mailing list

Reply via email to