Hello Ronald, Ronald Wimmer via FreeIPA-users <[email protected]> writes:
> On 02.11.22 18:20, Rob Crittenden via FreeIPA-users wrote: >> Ronald Wimmer via FreeIPA-users wrote: >>> In order to integrate our AIX clients we do have to take two steps >>> manually: >>> >>> 1) Enrolling the host >>> 2) Fetching the keytab file for this particular host >>> >>> A quick search in the WebGUIs API browser revealed a host_add method but >>> I cannot find a method for fetching a keytab file. Did I miss something >>> here? >> There is no IPA API to retrieve a keytab[1]. You should use >> ipa-getkeytab. > > There is no ipa-getkeytab on AIX. So I need to fetch an IPA client's > keytab from LDAP, right? I'd do the following: 1. Enroll the host in freeipa: ipa host-add aix.example.org --ip-address=192.168.30.x 2. Allow my user to create a keytab: ipa host-allow-create-keytab aix.example.org --users=jochen 3. get the keytab: ipa-getkeytab -p host/aix.jochen.org -k aix.keytab Keytab successfully retrieved and stored in: aix.keytab 4. Transfer the keytab to the AIX host HTH Jochen -- This space is intentionally left blank. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
