diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2008-02-26 13:51:56 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2008-02-26 13:51:56 -0500 |
| commit | d6d12e9dc597d6637ae49057a44b51476ff876b0 (patch) | |
| tree | ac52e58ef107c3e01addfd3060c8ef409d582a8b /ipa-admintools | |
| parent | 111a475b1527cf08d664070db20a7cd155ff7cea (diff) | |
| download | freeipa-d6d12e9dc597d6637ae49057a44b51476ff876b0.tar.gz freeipa-d6d12e9dc597d6637ae49057a44b51476ff876b0.tar.xz freeipa-d6d12e9dc597d6637ae49057a44b51476ff876b0.zip | |
Require that service principals resolve to a DNS A record.
There is a --force option for those who know what they are doing.
433483
Diffstat (limited to 'ipa-admintools')
| -rw-r--r-- | ipa-admintools/ipa-addservice | 9 | ||||
| -rw-r--r-- | ipa-admintools/man/ipa-addservice.1 | 9 |
2 files changed, 14 insertions, 4 deletions
diff --git a/ipa-admintools/ipa-addservice b/ipa-admintools/ipa-addservice index fd94038fe..24e92ce46 100644 --- a/ipa-admintools/ipa-addservice +++ b/ipa-admintools/ipa-addservice @@ -36,12 +36,17 @@ import getpass import errno def usage(): - print "ipa-addservice principal" + print "ipa-addservice [--force] principal" sys.exit(1) def parse_options(): parser = OptionParser() + parser.add_option("--force", action="store_true", default=False, + help="Force a service principal name") + parser.add_option("--usage", action="store_true", + help="Program usage") + args = ipa.config.init_config(sys.argv) options, args = parser.parse_args(args) @@ -60,7 +65,7 @@ def main(): client = ipaclient.IPAClient() try: - client.add_service_principal(princ_name) + client.add_service_principal(princ_name, "%d" % options.force) except Exception, e: print str(e) diff --git a/ipa-admintools/man/ipa-addservice.1 b/ipa-admintools/man/ipa-addservice.1 index 4e3060fcc..f680db28e 100644 --- a/ipa-admintools/man/ipa-addservice.1 +++ b/ipa-admintools/man/ipa-addservice.1 @@ -21,8 +21,7 @@ ipa\-addservice \- Add a service principal .SH "SYNOPSIS" -ipa\-addservice \fIprincipal\fR - +ipa\-addservice [\fIOPTION\fR]... \fIprincipal\fR .SH "DESCRIPTION" Adds a service principal \fIprincipal\fR. @@ -42,6 +41,12 @@ rpc snmp The IPA server automatically appends the Kerberos realm for which it is configured. You cannot specify a different realm. + +The hostname must resolve to a DNS A record in order to ensure that it will work with Kerberos. Use the \-\-force flag to force the creation of a principal. +.SH "OPTIONS" +.TP +\fB\-\-force\fR +Force the creation of the given principal name. .SH "EXAMPLES" .TP ipa\-addservice HTTP/www.example.com |