I've used shared keytabs before to create a loadbalanced squid instance. This
way you don't even need to use sticky balancing since all nodes that have the
key material will be able to decrypt TGSs for the shared service. Be sure to
use the -r option with ipa-getkeytab, otherwise the secret
I believe you need to set them up in the "Default Trust View" within IPA
Verzonden vanaf mijn Samsung-apparaat
Oorspronkelijk bericht
Van: Frank Rey via FreeIPA-users
Datum: 25-07-17 03:46 (GMT+01:00)
Aan: FreeIPA users list
Configure SSSD on that client with
[nss]
filter_users = root, admin
Verzonden vanaf mijn Samsung-apparaat
Oorspronkelijk bericht
Van: peter--- via FreeIPA-users
Datum: 19-06-17 16:09 (GMT+01:00)
Aan:
Hi,
For our puppet profile we use ipa-client-install unless the file
/etc/ipa/default.conf exists (which is created by ipa-client-install), this
should work for ansible as well. The creates option in both puppet exec and
ansible shell modules seem to serve the same purpose in that regard.