diff options
Diffstat (limited to 'ipaserver/install/installutils.py')
-rw-r--r-- | ipaserver/install/installutils.py | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py index acf309e78..7fca84384 100644 --- a/ipaserver/install/installutils.py +++ b/ipaserver/install/installutils.py @@ -47,12 +47,14 @@ from ipapython.admintool import ScriptError from ipapython.ipa_log_manager import root_logger, log_mgr from ipalib.util import validate_hostname from ipapython import config -from ipalib import errors, x509 +from ipalib import api, errors, x509 from ipapython.dn import DN from ipaserver.install import certs, service, sysupgrade from ipaplatform import services from ipaplatform.paths import paths from ipaplatform.tasks import tasks +from ipapython import certmonger + if six.PY3: unicode = str @@ -1115,3 +1117,28 @@ def enable_and_start_oddjobd(sstore): oddjobd.start() except Exception as e: root_logger.critical("Unable to start oddjobd: {0}".format(str(e))) + + +def install_service_keytab(principal, server, path): + + try: + api.Backend.rpcclient.connect() + + # Create services if none exists (we use the .forward method + # here so that we can control the client version number and avoid + # errors. This is a workaround until the API becomes version + # independent: FIXME + + api.Backend.rpcclient.forward( + 'service_add', + krbprincipalname=principal, + version=u'2.112' # All the way back to 3.0 servers + ) + except errors.DuplicateEntry: + pass + finally: + if api.Backend.rpcclient.isconnected(): + api.Backend.rpcclient.disconnect() + + args = [paths.IPA_GETKEYTAB, '-k', path, '-p', principal, '-s', server] + ipautil.run(args) |