Commit 087965dc authored by Thomas Schneider's avatar Thomas Schneider
Browse files

ad-auth: Allow overriding DC and syncing w/ Samba in renew_krb5

parent 34f78a9d
Pipeline #3025 passed with stage
in 44 seconds
......@@ -3,3 +3,7 @@
ad_admin_group: admin
ad_admin_password: samba-admin
ad_admin_password_content: "{{ lookup('passwordstore', ad_admin_password) }}"
# Set this to force a specific DC for the renew_krb5 cron job
# ad_auth_renew_force_dc: dc.example.org
# Sync client credentials with Samba (i.e., winbindd)
ad_auth_sync_samba: false
#!/bin/bash
/usr/sbin/adcli update -D {{ domain }}
/usr/sbin/adcli update \
{% if ad_auth_renew_force_dc is defined %}
-S {{ ad_auth_renew_force_dc }} \
{% endif %}
{% if ad_auth_sync_samba %}
--add-samba-data \
{% endif %}
-D {{ domain }}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment