Hi Fred Little unsure about what you mean here. What is it you're trying to do exactly? Do you mean you can't run IPA commands on your satellite server? Do you just need to install ipa-admin-tools?
Do you mean IPA commands don't work on a IPA client until the client is enrolled? That would make sense as how else would the server authenticate the commands? Jay On Fri, Jan 25, 2013 at 8:35 AM, Fred van Zwieten <fvzwie...@vxcompany.com>wrote: > And, using the ipa command is only possible on ipa clients. > > Although our Satellite server is an IPA client, I am (as of yet) unable to > execute ipa commands from any ipa client prior to the re-install request > from Satellite. There is, afaik, no such thing as a pre-reinstall hook or > anything like that. > > As for the ipa-host-mod --password=foo thing. You can first run the > command "ipa disable-host <fqdn> and _then_ run "ipa host-mod <fqdn> > --password=foo > > > Met vriendelijke groeten, > * > Fred van Zwieten > * > *Enterprise Open Source Services* > * > Consultant* > *(vrijdags afwezig)* > > *VX Company IT Services B.V.* > *T* (035) 539 09 50 mobiel (06) 41 68 28 48 > *F* (035) 539 09 08 > *E* fvzwie...@vxcompany.com > *I* www.vxcompany.com > > > On Fri, Jan 25, 2013 at 3:40 AM, Simo Sorce <s...@redhat.com> wrote: > >> On Thu, 2013-01-24 at 21:36 -0500, Matthew Barr wrote: >> > On Jan 24, 2013, at 6:53 PM, Dmitri Pal <d...@redhat.com> wrote: >> > > >> > > Yes you can set it again. This is how we envisioned the feature to be >> used. >> > > If it does not work it is a bug. >> > >> > >> > ipa-server-2.2.0-16.el6.x86_64, Centos 6.3 >> > >> > [mbarr@ipa ~]$ ipa host-mod wiki01.ayisnap.com --password=foo >> > ipa: ERROR: invalid 'password': Password cannot be set on enrolled host. >> >> Matthew this is indeed the correct behavior, previous information from >> Dmitri was not correct. >> >> Once a host is enrolled you cannot reset the OTP password as that would >> effectively mean destroying the hosts credentials while the host is >> enrolled. Currently the IPA workflow expects you unenroll the client >> first. >> >> Simo. >> >> -- >> Simo Sorce * Red Hat, Inc * New York >> >> _______________________________________________ >> Freeipa-users mailing list >> Freeipaemail@example.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > >
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users