From d401f550ded9fa990e4c23cb47de6101668f779c Mon Sep 17 00:00:00 2001
From: Bill Glick <bglick@illinois.edu>
Date: Mon, 16 Dec 2024 16:16:24 -0600
Subject: [PATCH] Simplify kerberos ad createhostkeytab

---
 manifests/kerberos.pp | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/manifests/kerberos.pp b/manifests/kerberos.pp
index 2cbce82..90a385f 100644
--- a/manifests/kerberos.pp
+++ b/manifests/kerberos.pp
@@ -135,18 +135,19 @@
 
     # AD JOIN AND KEYTAB CREATION
     if ( $ad_createhostkeytab and $ad_createhostuser and $ad_computers_ou and $ad_domain ) {
-      if $ad_domain in split($facts['kerberos_keytab_domains'], ',') {
+      $kerberos_domains = split($facts['kerberos_keytab_domains'], ',')
+      if ( $ad_domain in $kerberos_domains ) {
         $ensure_parm = 'absent'
       } else {
         $ensure_parm = 'present'
 
         exec { 'run_ad_create_host_keytab_script':
-          path        => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
-          command     => Sensitive(
+          path    => ['/usr/bin', '/usr/sbin', '/usr/lib/mit/bin'],
+          command => Sensitive(
             "/root/ad_createhostkeytab.sh '${ad_domain}' '${ad_computers_ou}' '${ad_createhostuser}' '${ad_createhostkeytab}' "
           ),
-          refreshonly => true,
-          require     => File['/root/ad_createhostkeytab.sh'],
+          #refreshonly => true,
+          require => File['/root/ad_createhostkeytab.sh'],
         }
       }