Watson, Dan wrote: > Hi all, > > > > Can anyone tell me how to script calls from the ipa server? I would like > to be able to do something like ipa group-show unix_admin in a script, > but I dont know how to pass Kerberos credentials that dont expire.
I think you want to use credentials in a keytab. Then, before you call your command, you can run: $ kinit -kt /path/to/keytab princ@REALM This can be wasteful because it always gets a new ticket. Depending on your distro, if you have gss-proxy, it can take care of a lot of those details for you. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project