Get and destroy host ticket
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk
parent
a34ab99650
commit
f408d9d3a2
1 changed files with 17 additions and 1 deletions
|
|
@ -60,7 +60,7 @@
|
|||
- krb5
|
||||
when: not keytab_status.stat.exists
|
||||
|
||||
- name: Destroy kerberos ticket
|
||||
- name: Destroy admin ticket
|
||||
delegate_to: "{{ ipa_server }}"
|
||||
command: kdestroy -A
|
||||
tags:
|
||||
|
|
@ -69,6 +69,14 @@
|
|||
- krb5
|
||||
when: not keytab_status.stat.exists
|
||||
|
||||
- name: Get host ticket
|
||||
shell: kinit -k -t /etc/krb5.keytab host/{{inventory_hostname}}
|
||||
tags:
|
||||
- keytab
|
||||
- config
|
||||
- krb5
|
||||
when: not keytab_status.stat.exists
|
||||
|
||||
- name: Retrieve keytab
|
||||
command: ipa-getkeytab --retrieve --server {{ipa_server}} --keytab {{kt_location}} --principal {{service}}/{{host}}
|
||||
tags:
|
||||
|
|
@ -77,6 +85,14 @@
|
|||
- krb5
|
||||
when: not keytab_status.stat.exists
|
||||
|
||||
- name: Destroy host ticket
|
||||
command: kdestroy -A
|
||||
tags:
|
||||
- keytab
|
||||
- config
|
||||
- krb5
|
||||
when: not keytab_status.stat.exists
|
||||
|
||||
- name: Set keytab permissions
|
||||
file: path={{kt_location}} owner={{owner_user}} group={{owner_group}} mode=0600
|
||||
tags:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue