summaryrefslogtreecommitdiffstats
path: root/ipa-server/ipaserver/krbinstance.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-server/ipaserver/krbinstance.py')
-rw-r--r--ipa-server/ipaserver/krbinstance.py9
1 files changed, 7 insertions, 2 deletions
diff --git a/ipa-server/ipaserver/krbinstance.py b/ipa-server/ipaserver/krbinstance.py
index 414568846..949e30bc5 100644
--- a/ipa-server/ipaserver/krbinstance.py
+++ b/ipa-server/ipaserver/krbinstance.py
@@ -147,8 +147,9 @@ class KrbInstance(service.Service):
self.kpasswd.create_instance()
- def create_replica(self, ds_user, realm_name, host_name, domain_name, admin_password, ldap_passwd_filename):
+ def create_replica(self, ds_user, realm_name, host_name, domain_name, admin_password, ldap_passwd_filename, kpasswd_filename):
self.__copy_ldap_passwd(ldap_passwd_filename)
+ self.__copy_kpasswd_keytab(kpasswd_filename)
self.__common_setup(ds_user, realm_name, host_name, domain_name, admin_password)
@@ -157,7 +158,6 @@ class KrbInstance(service.Service):
self.step("configuring KDC", self.__create_replica_instance)
self.step("creating a keytab for the directory", self.__create_ds_keytab)
self.step("creating a keytab for the machine", self.__create_host_keytab)
- self.step("exporting the kadmin keytab", self.__export_kadmin_changepw_keytab)
self.__common_post_setup()
@@ -170,6 +170,11 @@ class KrbInstance(service.Service):
shutil.copy(filename, "/var/kerberos/krb5kdc/ldappwd")
os.chmod("/var/kerberos/krb5kdc/ldappwd", 0600)
+ def __copy_kpasswd_keytab(self, filename):
+ self.fstore.backup_file("/var/kerberos/krb5kdc/kpasswd.keytab")
+ shutil.copy(filename, "/var/kerberos/krb5kdc/kpasswd.keytab")
+ os.chmod("/var/kerberos/krb5kdc/kpasswd.keytab", 0600)
+
def __configure_kdc_account_password(self):
hexpwd = ''
generated by cgit (git 2.34.1) at 2024-06-01 09:30:08 +0000