On 07/12/2023 14.15, Kees Bakker via FreeIPA-users wrote:
FWIW, the host principal of a system (host/$HOSTNAME) has permission to
manage its own services. The principal can add new services and request
a new keytab for a service. You can kinit with the host keytab to
acquire a TGT for the host
On 07-12-2023 13:57, Christian Heimes via FreeIPA-users wrote:
On 07/12/2023 13.24, twoerner--- via FreeIPA-users wrote:
Hello,
On 12/7/23 12:50, Kees Bakker via FreeIPA-users wrote:
Hi,
Is this a good place to ask questions about ansible-freeipa ?
Does anyone have an example to do getkeytab
On 07/12/2023 13.24, twoerner--- via FreeIPA-users wrote:
Hello,
On 12/7/23 12:50, Kees Bakker via FreeIPA-users wrote:
Hi,
Is this a good place to ask questions about ansible-freeipa ?
Does anyone have an example to do getkeytab through ansible?
What I want to achieve is the equivalence of
Hello,
On 12/7/23 12:50, Kees Bakker via FreeIPA-users wrote:
Hi,
Is this a good place to ask questions about ansible-freeipa ?
Does anyone have an example to do getkeytab through ansible?
What I want to achieve is the equivalence of
$ ipa-getkeytab -p HTTP/$(hostname -f) -k
Hi,
Is this a good place to ask questions about ansible-freeipa ?
Does anyone have an example to do getkeytab through ansible?
What I want to achieve is the equivalence of
$ ipa-getkeytab -p HTTP/$(hostname -f) -k /etc/apache2/http.keytab
Creating a service is already possible, for example
Florence Blanc-Renaud via FreeIPA-users schrieb am 07.12.23 um 10:00:
> But the behavior will be exactly the same, ie on IPA side the user is
> seen as a member of the AD group + of the posix group defined on IPA side.
Ok, then I guess I'll have to live with this (aesthetic) flaw.
Thank you very
Hi Stefan,
On Thu, Dec 7, 2023 at 8:00 AM Stefan Palm via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hello everyone.
>
> It looks like I have a problem understanding the way AD trusts work.
> Maybe someone here can enlighten me.
>
> In our AD we have "normal" users and groups