Make IPA use the combined keytab
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk
parent
ab40af84d1
commit
78261c632c
1 changed files with 8 additions and 0 deletions
|
|
@ -58,6 +58,14 @@
|
||||||
shell: printf "%b" "read_kt /etc/httpd/conf/ipa.keytab\nread_kt /etc/krb5.HTTP_id{{env_suffix}}.fedoraproject.org.keytab\nwrite_kt /etc/krb5.HTTP_id{{env_suffix}}.fedoraproject.org.keytab.combined" | ktutil
|
shell: printf "%b" "read_kt /etc/httpd/conf/ipa.keytab\nread_kt /etc/krb5.HTTP_id{{env_suffix}}.fedoraproject.org.keytab\nwrite_kt /etc/krb5.HTTP_id{{env_suffix}}.fedoraproject.org.keytab.combined" | ktutil
|
||||||
tags:
|
tags:
|
||||||
- krb5
|
- krb5
|
||||||
|
- ipa/server
|
||||||
|
- name: Make IPA HTTP use the combined keytab
|
||||||
|
lineinfile: dest=/etc/httpd/conf.d/ipa.conf
|
||||||
|
regexp='GssapiCredStore keytab:'
|
||||||
|
line=' GssapiCredStore keytab:/etc/krb5.HTTP_id{{env_suffix}}.fedoraproject.org.keytab.combined'
|
||||||
|
tags:
|
||||||
|
- krb5
|
||||||
|
- ipa/server
|
||||||
|
|
||||||
- name: do base role once more to revert any resolvconf changes
|
- name: do base role once more to revert any resolvconf changes
|
||||||
hosts: ipa:ipa-stg
|
hosts: ipa:ipa-stg
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue