Simplify kerberos ad createhostkeytab

manifests/kerberos.pp

@@ -163,84 +163,5 @@
         content => template("${module_name}/ad_createhostkeytab.sh.erb"),
       }
     }
-
-#      # Step 1: Ensure a temporary script file is in place only if a command fails
-#      exec { 'check_keytab_command':
-#        path      => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
-#        command   => "echo 'host is missing from keytab' && touch /root/ad_createhostkeytab.sh && chmod 0700 /root/ad_createhostkeytab.sh",
-#        unless    => "klist -kte 2>&1 | grep 'host/${facts['networking']['fqdn']}' | grep -i '${ad_domain}'",
-#        logoutput => true,
-#        notify    => [
-#          Exec['create_ad_createhostkeytab.sh_script'],
-#          Exec['run_ad_create_host_keytab_script'],
-#        ],
-#      }
-#
-#      # File RESOURCE CANNOT ONLY RUN WHEN EXEC ABOVE RUNS
-#      # SO USING Exec RESOURCE TO CREATE THE SCRIPT FILE
-#      exec { 'create_ad_createhostkeytab.sh_script':
-#        path        => ['/usr/bin', '/usr/sbin'],
-#        command     => "cat <<'EOF' > /root/ad_createhostkeytab.sh
-##!/bin/bash
-## ASSIGN ARGUMENTS FROM COMMAND LINE ARGUMENTS
-#ad_domain=\"\$1\"   # Active Directory domain
-#ad_ou_computers=\"\$2\"  # Organizational Unit for computers in AD
-#ad_user=\"\$3\"  # User with permissions to create host in AD
-#keytab_base64=\"\$4\"  # Base64 encoded keytab for creating host
-## ASSIGN STATIC VARIABLES
-#HOST_FQDN=\"\$(hostname -f)\" # Fully Qualified Domain Name of the host
-#keytab_file=\"/root/createhost.keytab\"  # Path to store the decoded keytab file
-#os_name=\"\$(facter os.name)\"  # Operating System name
-## Decode the base64 encoded keytab and save it to a file
-#echo \"\${keytab_base64}\" | base64 --decode > \${keytab_file}
-## Authenticate using the keytab file
-#kinit -k -t \$keytab_file \$ad_user
-## Pre-create the computer account in the specified OU
-#adcli preset-computer --domain=\"\${ad_domain}\" --domain-ou=\"\${ad_ou_computers}\" \
-#  -U \"\${ad_user}\" --login-ccache --os-name=\"\${os_name}\" \$HOST_FQDN
-## Join the computer to the AD domain
-#adcli join --domain=\"\${ad_domain}\" -U \"\${ad_user}\" --login-ccache
-## Destroy the Kerberos ticket cache for the user
-#kdestroy -p \$ad_user
-## Remove the keytab file for security reasons
-#rm -f \$keytab_file
-#EOF
-#",
-#        refreshonly => true,
-#        require     => [
-#          Exec['check_keytab_command'],
-#        ],
-#      }
-#
-#      # Step 2: Run the script if the command fails
-#      exec { 'run_ad_create_host_keytab_script':
-#        path        => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
-#        command     => Sensitive(
-#          "/root/ad_createhostkeytab.sh '${ad_domain}' '${ad_computers_ou}' '${ad_createhostuser}' '${ad_createhostkeytab}' "
-#        ),
-#        refreshonly => true,
-#        require     => [
-#          Exec['check_keytab_command'],
-#          Exec['create_ad_createhostkeytab.sh_script'],
-#        ],
-#        notify      => Exec['delete_ad_create_host_keytab_script'],
-#      }
-#
-#      # Step 3: Ensure the temporary script file is deleted once it has been run
-#      exec { 'delete_ad_create_host_keytab_script':
-#        command => '/bin/rm /root/ad_createhostkeytab.sh',
-#        onlyif  => 'test -f /root/ad_createhostkeytab.sh',
-#        path    => ['/bin', '/usr/bin'],
-#        require => [
-#          Exec['check_keytab_command'],
-#          Exec['run_ad_create_host_keytab_script'],
-#        ],
-#      }
-#
-#      # THE kerberos $crons FOR UPGRADING/REFRESHING HOST KEYTAB DO NOT SEEM TO WORK WITH AD.
-#      # BUT IF YOU NEED TO UPDATE A HOST KEYTAB:
-#      #   YOU CAN MANUALLY REMOVE THOSE FROM THE LOCAL KEYTAB AND LET PUPPET CREATE A NEW ONE.
-#      #   THE VERSION NUMBERS SEEM TO ITERATE AUTOMATICALLY WHEN USING adcli TO RECREATE THEM.
-#    }
   }
 }