On 04/25/2014 09:52 AM, Stephen Benjamin wrote:


----- Original Message -----
From: "Dmitri Pal" <d...@redhat.com>
To: "Martin Kosek" <mko...@redhat.com>, "Stephen Benjamin" <stben...@redhat.com>
Cc: "Jan Cholasta" <jchol...@redhat.com>, freeipa-users@redhat.com, "Tomas Babej" 
<tba...@redhat.com>
Sent: Friday, April 25, 2014 3:42:39 PM
Subject: Re: [Freeipa-users] FreeIPA + Foreman 1.5

Are you planning to have a toggle for SSH integration?
There's freeipa_opts to pass options directly to the installer, so a user can
directly pass anything they want.

I can add the SSH flag if it's needed and a relatively common one...

Is there anything else that should be added?

I still have to give the snippet a workout to ensure it works on everything,
but seems OK so far, even if it's not going to win any beauty contests.

  
https://github.com/stbenjam/community-templates/blob/freeipa-fixes/snippets/freeipa_register.erb


Yeah I was not thrilled by sed but if we can't do better for now so be it.
Can Foreman have defaults?
So that SSH & SUDO are turned on by default but automount is not.
I am not sure there is anything else for now.

We might start getting into more advanced features like provisioning certs for other software components deployed on the same machine later. That however rises a question: is there a way to record in Foreman that the client system has been IPA enrolled, because if it was the software deployed on top might be able to leverage this fact and the configuration of this software would be different if the system is enrolled or not.

--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to