Simplify kerberos ad createhostkeytab

ncsa · Dec 16, 2024 · d401f55 · d401f55
1 parent c53b63f
commit d401f55
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/manifests/kerberos.pp b/manifests/kerberos.pp
@@ -135,18 +135,19 @@
 
     # AD JOIN AND KEYTAB CREATION
     if ( $ad_createhostkeytab and $ad_createhostuser and $ad_computers_ou and $ad_domain ) {
-      if $ad_domain in split($facts['kerberos_keytab_domains'], ',') {
+      $kerberos_domains = split($facts['kerberos_keytab_domains'], ',')
+      if ( $ad_domain in $kerberos_domains ) {
         $ensure_parm = 'absent'
       } else {
         $ensure_parm = 'present'
 
         exec { 'run_ad_create_host_keytab_script':
-          path        => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
-          command     => Sensitive(
+          path    => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
+          command => Sensitive(
             "/root/ad_createhostkeytab.sh '${ad_domain}' '${ad_computers_ou}' '${ad_createhostuser}' '${ad_createhostkeytab}' "
           ),
-          refreshonly => true,
-          require     => File['/root/ad_createhostkeytab.sh'],
+          #refreshonly => true,
+          require => File['/root/ad_createhostkeytab.sh'],
         }
       }