it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Restart slapd when keytab is available. HTTP service principal.

Browse source
This commit is contained in:
Andreas B. Mundt 2020-03-16 19:36:19 +01:00
parent f0c65d3cce
commit 6f0197f693
2 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
roles/krb5-kdc-ldap/handlers/main.yml
View file

@ -1,7 +1,11 @@
- name: restart slapd
systemd: name=slapd state=restarted enabled=yes
listen: "restart slapd"
- name: restart krb5-kdc - name: restart krb5-kdc
service: name=krb5-kdc state=restarted enabled=yes systemd: name=krb5-kdc state=restarted enabled=yes
listen: "restart krb5-kdc" listen: "restart krb5-kdc"
- name: restart krb5-admin-server - name: restart krb5-admin-server
service: name=krb5-admin-server state=restarted enabled=yes systemd: name=krb5-admin-server state=restarted enabled=yes
listen: "restart krb5-admin-server" listen: "restart krb5-admin-server"

3
roles/krb5-kdc-ldap/tasks/main.yml
View file

@ -173,6 +173,7 @@
with_items: with_items:
- host - host
- ldap - ldap
- HTTP
when: not krb5kdc.stat.exists when: not krb5kdc.stat.exists
- name: add principal to the keytab - name: add principal to the keytab
@ -180,6 +181,7 @@
with_items: with_items:
- host - host
- ldap - ldap
- HTTP
when: not krb5kdc.stat.exists when: not krb5kdc.stat.exists
- name: allow slapd to read the keytab - name: allow slapd to read the keytab
@ -188,6 +190,7 @@
owner: root owner: root
group: openldap group: openldap
mode: '0640' mode: '0640'
notify: restart slapd
- name: "make 'kerberos' an alias hostname resolvable from the LAN" - name: "make 'kerberos' an alias hostname resolvable from the LAN"
replace: replace: