0c68c27 extend ipa-getkeytab to support other LDAP bind methods

Authored and Committed by mbabinsk 7 years ago
    extend ipa-getkeytab to support other LDAP bind methods
    
    ipa-getkeytab command was augmented in a way that allows more flexible
    selection of bind mechanisms:
    
       * -H <LDAP_URI> option was added to specify full LDAP uri. By default the
         URI will be constructed from retrieved server name as is done now.
         Specifying this options precludes use of -s.
    
       * -Y <EXTERNAL|GSSAPI> specifes SASL bind mechanism if no bind DN
         was given (which implies simple bind)
    
    This allows the command to be used also locally via LDAPI, eliminating the
    need to provide any credentials at all as root (e.g. in installers)
    
    https://fedorahosted.org/freeipa/ticket/6409
    
    Reviewed-By: Simo Sorce <ssorce@redhat.com>
    
        
file modified
+149 -50
file modified
+12 -5