Signed-off-by: Alan Pevec <apevec at redhat.com> --- wui-appliance/wui-devel.ks | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/wui-appliance/wui-devel.ks b/wui-appliance/wui-devel.ks index c50b3a8..2903a19 100644 --- a/wui-appliance/wui-devel.ks +++ b/wui-appliance/wui-devel.ks @@ -158,6 +158,8 @@ replace: ipaMaxUsernameLength ipaMaxUsernameLength: 12 LDAP ipa-adduser -f Ovirt -l Admin -p @password@ @principal@ + # make ovitadmin also an IPA admin + ipa-modgroup -a ovirtadmin admins ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@ ipa-getkeytab -s management.priv.ovirt.org -p @principal@ -k @ktab_file@ @cron_file@ -- 1.5.4.1
Perry N. Myers
2008-Jul-03 11:59 UTC
[Ovirt-devel] [PATCH] make ovirtadmin also an IPA admin
Alan Pevec wrote:> Signed-off-by: Alan Pevec <apevec at redhat.com> > --- > wui-appliance/wui-devel.ks | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/wui-appliance/wui-devel.ks b/wui-appliance/wui-devel.ks > index c50b3a8..2903a19 100644 > --- a/wui-appliance/wui-devel.ks > +++ b/wui-appliance/wui-devel.ks > @@ -158,6 +158,8 @@ replace: ipaMaxUsernameLength > ipaMaxUsernameLength: 12 > LDAP > ipa-adduser -f Ovirt -l Admin -p @password@ @principal@ > + # make ovitadmin also an IPA admin > + ipa-modgroup -a ovirtadmin admins > ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@ > ipa-getkeytab -s management.priv.ovirt.org -p @principal@ -k @ktab_file@ > @cron_file@This is a good temporary solution for those using the appliance to be able to use both IPA and oVirt with the same principal. We probably should give some more thought to how we want to structure the users though. In the long run having ovirtadmin be an IPA admin might not be the best idea. But ACK for now Perry -- |=- Red Hat, Engineering, Emerging Technologies, Boston -=| |=- Email: pmyers at redhat.com -=| |=- Office: +1 412 474 3552 Mobile: +1 703 362 9622 -=| |=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|