Watson, Dan wrote:
> Hi all,
> Can anyone tell me how to script calls from the ipa server? I would like
> to be able to do something like ipa group-show unix_admin in a script,
> but I dont know how to pass Kerberos credentials that dont expire.
I think you want to use credentials in a keytab. Then, before you call
your command, you can run:
$ kinit -kt /path/to/keytab princ@REALM
This can be wasteful because it always gets a new ticket.
Depending on your distro, if you have gss-proxy, it can take care of a
lot of those details for you.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project