On Няд, 10 сак 2024, Yuriy Halytskyy via FreeIPA-users wrote:
We want to be able to destroy/recreate IPA enrolled hosts without
using admin credentials.
ipa-client-install with a keytab seems like a good option except it
generates a new keytab. And there is no non-hacky way of passing this
new
On Суб, 09 сак 2024, Jonathan Calmels via FreeIPA-users wrote:
Thanks for the detailed answer, glad we didn't miss anything obvious.
I just want to add a bit more clarification on what we were proposing
IPA only responsible for its own users. If authentication relies on an
external identity
We want to be able to destroy/recreate IPA enrolled hosts without
using admin credentials.
ipa-client-install with a keytab seems like a good option except it
generates a new keytab. And there is no non-hacky way of passing this
new keytab back to terraform. Can we tell it not to generate a new