- Jul 27, 2020
-
-
Thomas Woerner authored
These are links to the Red Hat Enterprise linux files.
-
- Jun 30, 2020
-
-
Thomas Woerner authored
Ansible is now also supporting discovered_python_interpreter for action_plugins. task_vars needs to be non Null and contain a setting for discovered_python_interpreter. The ipaclient_get_otp action_plugin therefore needed to be adapted.
-
- Apr 26, 2020
-
-
Sergio Oliveira Campos authored
-
Sergio Oliveira Campos authored
-
Sergio Oliveira Campos authored
-
- Mar 20, 2020
-
-
Thomas Woerner authored
The import of ansible_ipa_server, ansible_ipa_replica and ansible_ipa_client might result in a permission denied error for the log file. It seems that for collections the module utils seem to be loaded before the needed permissions are aquired now. The fix simply adds a wrapper for standard_logging_setup that is called in all the modules of the server, replica and client roles to do the loggin setup as one of the first steps of the module execution and not before.
-
- Jan 23, 2020
-
-
Jesús authored
Keep the valid keytab file pre-existent in the master node. This fixes #191.
-
- Dec 06, 2019
-
-
Thomas Woerner authored
Exchange ipaclient_allow_repair and ipaclient_otp in Special Variables
-
Thomas Woerner authored
The docuemntation of ipaclient_otp was not part of the pull request 102 (commit d1af0ff4). The role README has been updated.
-
- Dec 02, 2019
-
-
Thomas Woerner authored
The files for RHEL-8 (RedHat-8.yml) have simply been linked to CentOS-8.yml for the ipaserver, ipareplica and ipaclient roles. Fixes issue #121 (roles/*/vars needs CentOS-8.yml files)
-
- Nov 20, 2019
-
-
Thomas Woerner authored
The sssd options in the ipaclient role missed a 's' in the role. The readme of the role used the proper names with 3 's'. The names in the role have been fixed and if the old setting are used, they will be used in the first place. Also utils/ansible-ipa-client-install has been adaped to use the proper option names now. This fixes issue #145 (The ipaclient role misspells sssd)
-
- Oct 25, 2019
-
-
Thomas Woerner authored
Updated requirements for python3-gssapi
-
- Oct 07, 2019
-
-
Thorsten Scherf authored
-
- Sep 04, 2019
-
-
Thomas Woerner authored
configure_nsswitch_database has been removed with the freeipa commit https://github.com/freeipa/freeipa/commit/41ef8fba31ddbb32e2e5b7cccdc9b582a0809111 The 4.4 compatibility hack leads to a ALREADY installed error in ipaclient_test because of the removal. This affects ipaclient and ipareplica roles and also the ipaclient deployment part in ipaserver. configure_nsswitch_database is not used any more in ipaclient role modules and therefore simply can be removed from ansible_ipa_client.
-
- Jul 23, 2019
- Jul 22, 2019
-
-
Thomas Woerner authored
result_ipaclient_test.dnso has been used instead of result_ipaclient_test.dnsok in the assignment of dnsok.
-
Thomas Woerner authored
Fallback for older releases has been added to use '/usr/bin/getent' if paths.GETENT is not defined.
-
Thomas Woerner authored
six.moves.configparser does not always provide RawConfigParser.
-
Thomas Woerner authored
The documentation of the module paramaters have been updated. The parameter list has been updated and all parameters are providing a description and the required argument has been updated to reflect current setting in the modules.
-
Thomas Woerner authored
All module_utils are now providing the __all__ structure. Alse the imports in the modules have been updated to only import freeipa sturctures from module_utils.
-
Thomas Woerner authored
These are white space and line length changes to calm down pylint and flake8.
-
- Jul 17, 2019
-
-
Thomas Woerner authored
The description of ipaclient_on_master in the ipaclient README was providing the information that the flag is also used for relicas. This is not correct and has been removed.
-
Thomas Woerner authored
dnsok has been used unitialized in the compatilbility code without sssd.
-
Thomas Woerner authored
All module and module_utils scripts have been adapted to be able to only import the symbols that are really needed and used.
-
Thomas Woerner authored
-
Thomas Woerner authored
-
- Jul 16, 2019
-
-
Thomas Woerner authored
-
- Jul 11, 2019
-
-
Thomas Woerner authored
When OTP is used for installation of a client or the client part of a replica and also there is no DNS record for the client, then ipaclient_get_otp fails in the host_add call. With the force mode the host_add call will ignore the missing DNS record and will properly add the host. The host information and also the DNS record will be updated while deploying the client according to the given settings. Fixes: #74 (ipaclient fails when ipaclient_use_otp is true and client ..)
-
- Jul 05, 2019
-
-
Thomas Woerner authored
sync_time is not using options anymore, but has two new arguments. These are ntp_servers and ntp_pool. The options argument is not used anymore. This requires to use inspect on sync_time to be able to detect if the old or the new function is available. The call for get_time_source has been added, but is documented out as the call is only useful in interactive mode. ipaclient_test now returns ntp_servers and ntp_pool, which are then used for ipaclient_setup_ntp.
-
Thomas Woerner authored
If kinit_password call failed because of wrong password or even because kinit was not found, there was a very unspecific error message. Now these errors will be properly reported. Fixes: RHBZ#1727277
-
Thomas Woerner authored
Add Information about needed /usr/bin/kinit on the controller when OTP is used
-
- Jun 26, 2019
-
-
Thomas Woerner authored
This is not needed and will calm down ansible-lint, which is not able to handle the extra tasks folder prefix.
-
Thomas Woerner authored
These vars files are providing the module names used with the Ansible package module to install the needed RPM packages.
-
- Jun 21, 2019
-
-
Thomas Woerner authored
This has not been done so far in the ansible_ipa_client, but only in the modules where it was really needed. But as these places are getting more with 4.7.90, this setting makes it into the module_utils.
-
- Jun 17, 2019
-
-
Thomas Woerner authored
Currently the error message of ipaclient_get_otp is not visble if it failed due to the use of no_log. The no_log option is needed and useful if the one-time password has successfully been generated, but is bad if there was an error while generating the password, for example if a clock skew has been detected. There is now a new task to print the error message if ipaclient_get_otp. The task for ipaclient_get_otp has been marked with "ignore_errors: yes" and the new task "Install - Report error for OTP generation" will always fail and only be used if result_ipaclient_get_otp is failed.
-
Thomas Woerner authored
The check for the ipaadmin_keytab was not using "is defined". Because of this the playbook processing failed if the variable was not defined.
-
- Jun 14, 2019
-
-
Thomas Woerner authored
-
Thomas Woerner authored
-
Thomas Woerner authored
-