it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lmn-client/roles/lmn_sssd/tasks/main.yml
Raphael Dannecker f08c06d7a6 krb5.conf from package krb5-user ist required
2025-07-16 08:50:39 +02:00

46 lines
1.2 KiB
YAML
Raw Blame History

---
- name: Install needed packages
ansible.builtin.apt:
name:
- sssd-ad
- sssd-tools
- adcli
- kstart
- krb5-user
- name: Provide user identities from AD
ansible.builtin.template:
src: sssd.conf.j2
dest: /etc/sssd/sssd.conf
mode: '0600'
notify: Restart sssd
## Either one of the variables is defined:
- name: Join the domain
ansible.builtin.shell:
cmd: >
echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |
adcli join --stdin-password -U global-admin {{ domain | upper }}
when: >
ansible_cmdline.adpw | default('') | length > 0 or
adpw.user_input | default('') | length > 0
- name: Set CCache file name
ansible.builtin.lineinfile:
dest: /etc/krb5.conf
line: ' default_ccache_name = FILE:/tmp/krb5cc_%{uid}'
insertbefore: '\[realms\]'
state: present
- name: Create kstart systemd service for obtaining machine ticket
ansible.builtin.template:
src: kstart.service.j2
dest: /etc/systemd/system/kstart.service
mode: '0644'
when: not nfs4
- name: Enable kstart service
ansible.builtin.systemd:
name: kstart.service
enabled: true
when: not nfs4
Reference in a new issue View git blame Copy permalink