Commit e29f2889 authored by Fabien Combernous's avatar Fabien Combernous

Merge branch '75-missing-kinit-during-admin-management' into 'master'

Resolve "missing kinit during admin management"

Closes #75

See merge request !81
parents 9c134474 bc4df494
Pipeline #3331 waiting for manual action with stages
in 1 minute and 56 seconds
......@@ -36,12 +36,12 @@ define freeipa::config::humanadmin(
case $_ensure {
'present': {
exec { "ipa user-add ${_adminname}":
command => "kinit admin -k -t /home/admin/admin.keytab; ipa user-add ${_adminname} --first=${_adminname} --last=${_adminname} ",
unless => "ipa user-show ${_adminname} | grep login",
command => "ipa user-add ${_adminname} --first=${_adminname} --last=${_adminname} ",
unless => "kinit admin -k -t /home/admin/admin.keytab; ipa user-show ${_adminname} | grep login",
}
-> exec { "ipa group-add-member admins --users=${_adminname}":
command => "kinit admin -k -t /home/admin/admin.keytab; ipa group-add-member admins --users=${_adminname}",
unless => "ipa group-show admins | grep ${_adminname}",
command => "ipa group-add-member admins --users=${_adminname}",
unless => "kinit admin -k -t /home/admin/admin.keytab; ipa group-show admins | grep ${_adminname}",
}
-> exec { "ldappasswd uid=${_adminname},cn=users,cn=accounts,${_dc}":
command => "ldappasswd -Z -H ldap://localhost -x -D \"cn=Directory Manager\" -w ${freeipa::directory_services_password} -s ${adminsettings['password']} \"uid=${_adminname},cn=users,cn=accounts,${_dc}\"",
......@@ -50,7 +50,7 @@ define freeipa::config::humanadmin(
}
'absent': {
exec { "ipa user-del ${_adminname}":
command => "kinit admin -k -t /home/admin/admin.keytab; ipa user-del ${_adminname}",
command => "ipa user-del ${_adminname}",
onlyif => "kinit admin -k -t /home/admin/admin.keytab; ipa user-show ${_adminname}",
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment