SVCPLAN-6686: Add support for AD createhost functionality #25
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
2 times, most recently
from
5dadc46 to
6726ca7
Compare
billglick
commented
Dec 5, 2024
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
3 times, most recently
from
c4946c1 to
f02d3cc
Compare
bsper2
reviewed
Dec 6, 2024
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
from
d1f9e2b to
206fa0b
Compare
|
This has been retested on ICCPv4. Specifically |
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
from
836a6f7 to
5462693
Compare
billglick
commented
Dec 17, 2024
manifests/kerberos.pp
Outdated
Comment on lines
99
to
124
| # KERBEROS HOST PRINCIPAL CREATION | ||
| if ( $createhostkeytab and $createhostuser ) { | ||
| # CREATE KEYS AND SETUP RENEWAL | ||
| file { '/root/createhostkeytab.sh': | ||
| ensure => file, | ||
| mode => '0700', | ||
| mode => '0500', | ||
| source => "puppet:///modules/${module_name}/root/createhostkeytab.sh", | ||
| } |
There was a problem hiding this comment.
Should we go ahead and change the NCSA kerberos host principal creation process to follow similar logic as the AD join and keytab creation? The idea being to change the script to have parameters that are passed in, better clean up after itself, etc.
There was a problem hiding this comment.
This has also been updated now and has been tested on cc-pup01 & cc-log01.
I left these changes as a 2nd unique commit in case we decide to revert them.
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
from
e4bddd4 to
9eecfd8
Compare
billglick
force-pushed
the
wglick/SVCPLAN-6686/ad_createhost_prinicpal
branch
from
7e7811b to
d97d53c
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This has been tested on
cc-test[01-03].For more details on this, see: https://wiki.ncsa.illinois.edu/display/ICI/AD%2C+Automated+Linux+Computer+Add+and+Join+Domain
Fix #19