freeipa

Clone
Source Code
GIT

6181844 use DM credentials to retrieve service keytab only in DLO

1 file Authored by mbabinsk 7 years ago, Committed by jcholast 7 years ago,
raw patch tree parent
1 file changed. 2 lines added. 1 lines removed.
ipaserver/install/service.py
file modified
+2 -1 
    use DM credentials to retrieve service keytab only in DLO
    
    In DL0 directory manager password is bundled in the supplied replica file and
    the replica installer can use it to authenticate against master when
    retrieving service keytabs.
    
    In DL1, however, DM credentials are generated randomly and used during local
    DS instance creation. The proper DM password is imported by custodia much
    later to the process. We must not allow the installer to contact the remote
    master using this random password since it would fail.
    
    https://fedorahosted.org/freeipa/ticket/6405
    
    Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
file modified
+2 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.